{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-22T08:44:34.581","vulnerabilities":[{"cve":{"id":"CVE-2025-20654","sourceIdentifier":"security@mediatek.com","published":"2025-04-07T04:15:19.180","lastModified":"2025-04-09T15:46:21.793","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"In wlan service, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00406897; Issue ID: MSV-2875."},{"lang":"es","value":"En el servicio WLAN, existe una posible escritura fuera de los límites debido a una comprobación incorrecta de los límites. Esto podría provocar la ejecución remota de código sin necesidad de privilegios de ejecución adicionales. No se requiere la interacción del usuario para su explotación. ID de parche: WCNCR00406897; ID de problema: MSV-2875."}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}]},"weaknesses":[{"source":"security@mediatek.com","type":"Secondary","description":[{"lang":"en","value":"CWE-787"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-787"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:mediatek:software_development_kit:*:*:*:*:*:*:*:*","versionEndIncluding":"7.4.0.1","matchCriteriaId":"9C3A1278-7DC1-4E66-8F57-4B585A4838ED"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:h:mediatek:mt7622:-:*:*:*:*:*:*:*","matchCriteriaId":"55EB4B27-6264-45BE-9A22-BE8418BB0C06"},{"vulnerable":true,"criteria":"cpe:2.3:h:mediatek:mt7915:-:*:*:*:*:*:*:*","matchCriteriaId":"3AB22996-9C22-4B6C-9E94-E4C055D16335"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:mediatek:software_development_kit:*:*:*:*:*:*:*:*","versionEndIncluding":"7.6.7.0","matchCriteriaId":"521ABF30-6B3D-466F-83D4-E2C4297E27C7"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:h:mediatek:mt7915:-:*:*:*:*:*:*:*","matchCriteriaId":"3AB22996-9C22-4B6C-9E94-E4C055D16335"},{"vulnerable":true,"criteria":"cpe:2.3:h:mediatek:mt7916:-:*:*:*:*:*:*:*","matchCriteriaId":"DD5AA441-5381-4179-89EB-1642120F72B4"},{"vulnerable":true,"criteria":"cpe:2.3:h:mediatek:mt7981:-:*:*:*:*:*:*:*","matchCriteriaId":"490CD97B-021F-4350-AEE7-A2FA866D5889"},{"vulnerable":true,"criteria":"cpe:2.3:h:mediatek:mt7986:-:*:*:*:*:*:*:*","matchCriteriaId":"40A9E917-4B34-403F-B512-09EEBEA46811"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:openwrt:openwrt:19.07.0:-:*:*:*:*:*:*","matchCriteriaId":"4FA469E2-9E63-4C9A-8EBA-10C8C870063A"},{"vulnerable":true,"criteria":"cpe:2.3:o:openwrt:openwrt:21.02.0:-:*:*:*:*:*:*","matchCriteriaId":"F0133207-2EED-4625-854F-8DB7770D5BF7"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:h:mediatek:mt6890:-:*:*:*:*:*:*:*","matchCriteriaId":"171D1C08-F055-44C0-913C-AA2B73AF5B72"}]}]}],"references":[{"url":"https://corp.mediatek.com/product-security-bulletin/April-2025","source":"security@mediatek.com","tags":["Vendor Advisory"]}]}}]}