MediaTek Software Development Kit

Local PrivEsc via OOB Write in WLAN AP Driver
CVE-2025-20681 - July 08, 2025

In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00416936; Issue ID: MSV-3446.

Memory Corruption

Out-of-Bounds Write in Windows WLAN AP Driver Enables Local Privilege Escalation
CVE-2025-20682 - July 08, 2025

In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00416937; Issue ID: MSV-3445.

Memory Corruption

Microsoft WLAN AP Driver OOB Write Priv Esc
CVE-2025-20683 - July 08, 2025

In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00416938; Issue ID: MSV-3444.

Memory Corruption

OOB write in WLAN AP driver enabling local privilege escalation (Windows)
CVE-2025-20684 - July 08, 2025

In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00416939; Issue ID: MSV-3422.

Memory Corruption

Microsoft WLAN AP Driver OOB Read causes local info disclosure
CVE-2025-20688 - July 08, 2025

In wlan AP driver, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00418047; Issue ID: MSV-3480.

Out-of-bounds Read

OOB Read in WLAN AP Driver Enables Local Info Disclosure
CVE-2025-20689 - July 08, 2025

In wlan AP driver, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00418048; Issue ID: MSV-3479.

Out-of-bounds Read

WLAN AP Driver OOB Read (CVE-2025-20690)
CVE-2025-20690 - July 08, 2025

In wlan AP driver, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00418038; Issue ID: MSV-3478.

Out-of-bounds Read

Out-of-Bounds Read in Microsoft WLAN Driver Enables Local Disclosure
CVE-2025-20691 - July 08, 2025

In wlan AP driver, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00418039; Issue ID: MSV-3477.

Out-of-bounds Read

Out-of-Bounds Read in Windows WLAN AP Driver
CVE-2025-20692 - July 08, 2025

In wlan AP driver, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00418040; Issue ID: MSV-3476.

Out-of-bounds Read

Out-of-Bounds Read in Alps WLAN STA Driver Causing Info Disclosure
CVE-2025-20693 - July 08, 2025

In wlan STA driver, there is a possible out of bounds read due to an incorrect bounds check. This could lead to remote (proximal/adjacent) information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS09812521; Issue ID: MSV-3421.

Out-of-bounds Read

Win BT FW Uncaught Exc -> Remote DoS
CVE-2025-20694 - July 08, 2025

In Bluetooth FW, there is a possible system crash due to an uncaught exception. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS09752821; Issue ID: MSV-3342.

buffer underrun

BT Firmware Uncaught Exception Remote DoS
CVE-2025-20695 - July 08, 2025

In Bluetooth FW, there is a possible system crash due to an uncaught exception. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS09741871; Issue ID: MSV-3317.

Memory Corruption

Microsoft Windows BT Stack Info Disclosure via Missing Permission Check
CVE-2025-20649 - March 03, 2025

In Bluetooth Stack SW, there is a possible information disclosure due to a missing permission check. This could lead to remote (proximal/adjacent) information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00396437; Issue ID: MSV-2184.

OOB Write in WLAN AP Firmware Enables Remote Priv Escalation
CVE-2025-20646 - March 03, 2025

In wlan AP FW, there is a possible out of bounds write due to improper input validation. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00389074; Issue ID: MSV-1803.

Memory Corruption

Remote OOB Write in Windows WLAN AP Driver Enables Code Exec
CVE-2025-20633 8.8 - High - February 03, 2025

In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote (proximal/adjacent) code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00400889; Issue ID: MSV-2491.

Memory Corruption

MediaTek BT FW reachable assertion leads to remote DoS
CVE-2024-20147 - February 03, 2025

In Bluetooth FW, there is a possible reachable assertion due to improper exception handling. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00389046 (Note: For MT79XX chipsets) / ALPS09136501 (Note: For MT2737, MT3603, MT6XXX, and MT8XXX chipsets); Issue ID: MSV-1797.

WLAN AP Driver OOB Write Causes Local Priv Escalation (Windows)
CVE-2025-20631 - February 03, 2025

In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00397141; Issue ID: MSV-2187.

Memory Corruption

Microsoft WLAN Driver OOB Write Enables Local Priv Escalation
CVE-2025-20632 - February 03, 2025

In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00397139; Issue ID: MSV-2188.

Memory Corruption

Network HW: Uncaught Exception Enables Remote DoS
CVE-2025-20637 7.5 - High - February 03, 2025

In network HW, there is a possible system hang due to an uncaught exception. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00399035; Issue ID: MSV-2380.

Improper Check for Unusual or Exceptional Conditions

WCNCR WLAN STA Driver OOB Write Remote Code Exec
CVE-2024-20146 - January 06, 2025

In wlan STA driver, there is a possible out of bounds write due to improper input validation. This could lead to remote (proximal/adjacent) code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00389496 / ALPS09137491; Issue ID: MSV-1835.

Memory Corruption

OOB write in WLAN STA firmware remote code execution (CVE202420148)
CVE-2024-20148 - January 06, 2025

In wlan STA FW, there is a possible out of bounds write due to improper input validation. This could lead to remote (proximal/adjacent) code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00389045 / ALPS09136494; Issue ID: MSV-1796.

Memory Corruption

Microsoft WLAN Driver Assertion Failure DoS via Improper Exception Handling
CVE-2024-20152 - January 06, 2025

In wlan STA driver, there is a possible reachable assertion due to improper exception handling. This could lead to local denial of service if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: WCNCR00389047 / ALPS09136505; Issue ID: MSV-1798.

assertion failure

Wlan Driver Out-of-Bounds Read Vulnerability
CVE-2024-20138 - December 02, 2024

In wlan driver, there is a possible out of bound read due to improper input validation. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08998291; Issue ID: MSV-1604.

Out-of-bounds Read

Windows WLAN Driver OOB Write RCE without Privileges
CVE-2024-20100 - October 07, 2024

In wlan driver, there is a possible out of bounds write due to improper input validation. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08998449; Issue ID: MSV-1603.

Memory Corruption

OOB Write in Windows WLAN Driver Enables RCE
CVE-2024-20101 - October 07, 2024

In wlan driver, there is a possible out of bounds write due to improper input validation. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08998901; Issue ID: MSV-1602.

Memory Corruption

ALPS WLAN FW: OOB Write Allows RCE via Improper Input Validation
CVE-2024-20103 - October 07, 2024

In wlan firmware, there is a possible out of bounds write due to improper input validation. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS09001358; Issue ID: MSV-1599.

Memory Corruption

Windows WLAN Service OOB Write Allows Local Escalation
CVE-2024-20073 - June 03, 2024

In wlan service, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00367704; Issue ID: MSV-1411.

Memory Corruption

Microsoft Windows WLAN Driver OOB Write Priv Escalation
CVE-2024-20072 - June 03, 2024

In wlan driver, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00364732; Issue ID: MSV-1332.

Memory Corruption

Microsoft Windows WLAN Driver OOB Read Local Info Disclosure
CVE-2024-20071 - June 03, 2024

In wlan driver, there is a possible out of bounds read due to improper input validation. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00364733; Issue ID: MSV-1331.

Out-of-bounds Read

Out-of-bounds write in Windows WLAN driver leads to privilege escalation
CVE-2024-20018 - March 04, 2024

In wlan driver, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00348479; Issue ID: MSV-1019.

Microsoft Windows WLAN Driver PIN RNG Weakness (CVE-2023-32831)
CVE-2023-32831 5.5 - Medium - January 02, 2024

In wlan driver, there is a possible PIN crack due to use of insufficiently random values. This could lead to local information disclosure with no execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00325055; Issue ID: MSV-868.

Use of Insufficiently Random Values