CVE-2025-20646
Published: 03 March 2025
Summary
CVE-2025-20646 is a critical-severity Out-of-bounds Write (CWE-787) vulnerability in the MediaTek Software Development Kit. Its CVSS base score is 9.8 (Critical).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploitation for Privilege Escalation (T1068). The CVE is ranked in the top 15.5% of CVEs by exploit likelihood and is not currently listed in the CISA KEV catalog.
The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-16 (Memory Protection).
Deeper analysis
CVE-2025-20646 is an out-of-bounds write vulnerability in MediaTek wlan AP firmware stemming from improper input validation and tracked under CWE-787. The flaw resides in the access-point firmware component and carries a CVSS 3.1 base score of 9.8, reflecting network-accessible attack vectors that require no authentication or user interaction.
An unauthenticated remote attacker can send specially crafted network frames to trigger the write, resulting in privilege escalation on the affected device without any additional execution rights. The vulnerability description explicitly states that user interaction is not required for exploitation.
The sole referenced advisory is MediaTek’s March 2025 product-security bulletin, which assigns Patch ID WCNCR00389074 and Issue ID MSV-1803 for remediation. The associated EPSS score remains flat at 0.0211 with no material increase after disclosure.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2025-5832
Vulnerability details
In wlan AP FW, there is a possible out of bounds write due to improper input validation. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00389074; Issue ID: MSV-1803.
Related Threats
MITRE ATT&CK Enterprise Techniques AI
Why these techniques?
Out-of-bounds write in network-accessible WLAN AP firmware directly enables remote unauthenticated privilege escalation (T1068) via public-facing application exploitation (T1190).
Mitigating Controls
Mitigating Controls (NIST 800-53 r5) AI
Directly requires validation of all inputs to prevent out-of-bounds writes due to improper input validation as in this CVE.
Mandates timely flaw remediation, including applying the vendor patch WCNCR00389074 to eliminate the vulnerability.
Implements memory protections that block exploitation of out-of-bounds writes for remote privilege escalation.