cbcvebase.
CVE-2025-20633
published 2025-02-03

CVE-2025-20633: In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote (proximal/adjacent) code execution with…

PriorityP350high8.8CVSS 3.1
AVAACLPRNUINSUCHIHAH
EPSS
0.33%
25.0th percentile
In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote (proximal/adjacent) code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00400889; Issue ID: MSV-2491.

Affected

4 ranges
VendorProductVersion rangeFixed in
mediateksoftware_development_kit<= 7.4.0.1
msrcazl3_patch_2.7.6-9_on_azure_linux_3.0
msrccbl2_patch_2.7.6-8_on_cbl_mariner_2.0
msrccm1_patch_2.7.6-7_on_cbl_mariner_1.0

CVSS provenance

nvdv3.18.8HIGHCVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
vendor_msrc5.5MEDIUM
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.