ГлавнаяУязвимости → CVE-2025-20680
9.8критическая

CVE-2025-20680

Описание

In Bluetooth driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00418044; Issue ID: MSV-3482.

Затрагиваемое ПО
Mediatek Nbiot sdkMediatek Mt7902Mediatek Mt7920Mediatek Mt7921Mediatek Mt7922Mediatek Mt7925Mediatek Mt7927
CVSS
Балл9.8 — критическая
ВекторCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Источники
https://corp.mediatek.com/product-security-bulletin/July-2025