ГлавнаяУязвимости → CVE-2025-20672
9.8критическая

CVE-2025-20672

Описание

In Bluetooth driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00412257; Issue ID: MSV-3292.

Затрагиваемое ПО
Mediatek Mt7902 firmwareMediatek Mt7902Mediatek Mt7921 firmwareMediatek Mt7921Mediatek Mt7922 firmwareMediatek Mt7922Mediatek Mt7925 firmwareMediatek Mt7925Mediatek Mt7927 firmwareMediatek Mt7927
CVSS
Балл9.8 — критическая
ВекторCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Источники
https://corp.mediatek.com/product-security-bulletin/June-2025