Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools

mt7920

Source -

ADPNVD

CNA CVEs -

0

ADP CVEs -

1

CISA CVEs -

0

NVD CVEs -

9
Related CVEsRelated VendorsRelated AssignersReports
9Vulnerabilities found
CVE-2025-20693
Assigner-MediaTek, Inc.
ShareView Details
Assigner-MediaTek, Inc.
CVSS Score-6.5||MEDIUM
EPSS-0.01% / 0.47%
||
7 Day CHG~0.00%
Published-08 Jul, 2025 | 02:00
Updated-09 Jul, 2025 | 17:22
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In wlan STA driver, there is a possible out of bounds read due to an incorrect bounds check. This could lead to remote (proximal/adjacent) information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS09812521; Issue ID: MSV-3421.

Action-Not Available
Vendor-Google LLCThe Linux FoundationMediaTek Inc.OpenWrt
Product-yoctomt6897software_development_kitmt7925mt7921mt6878openwrtmt6990androidmt6886mt6899mt6985mt6989mt2737mt7927mt8893mt8796mt6991mt8196mt6835mt7920mt7932mt8678mt7923mt7922mt7902MT2737, MT6835, MT6878, MT6886, MT6897, MT6899, MT6985, MT6989, MT6990, MT6991, MT7902, MT7920, MT7921, MT7922, MT7923, MT7925, MT7927, MT7932, MT8196, MT8678, MT8796, MT8893
CWE ID-CWE-125
Out-of-bounds Read
CVE-2025-20687
Assigner-MediaTek, Inc.
ShareView Details
Assigner-MediaTek, Inc.
CVSS Score-5.5||MEDIUM
EPSS-0.02% / 2.98%
||
7 Day CHG~0.00%
Published-08 Jul, 2025 | 02:00
Updated-14 Jul, 2025 | 15:23
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Bluetooth driver, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local denial of service with User execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00418045; Issue ID: MSV-3481.

Action-Not Available
Vendor-MediaTek Inc.
Product-nbiot_sdkmt7925mt7927mt7920mt7922mt7921mt7902MT7902, MT7920, MT7921, MT7922, MT7925, MT7927
CWE ID-CWE-125
Out-of-bounds Read
CVE-2025-20680
Assigner-MediaTek, Inc.
ShareView Details
Assigner-MediaTek, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.11% / 30.37%
||
7 Day CHG~0.00%
Published-08 Jul, 2025 | 02:00
Updated-14 Jul, 2025 | 15:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Bluetooth driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00418044; Issue ID: MSV-3482.

Action-Not Available
Vendor-MediaTek Inc.
Product-nbiot_sdkmt7925mt7927mt7920mt7922mt7921mt7902MT7902, MT7920, MT7921, MT7922, MT7925, MT7927
CWE ID-CWE-122
Heap-based Buffer Overflow
CVE-2024-20147
Assigner-MediaTek, Inc.
ShareView Details
Assigner-MediaTek, Inc.
CVSS Score-5.3||MEDIUM
EPSS-0.03% / 6.78%
||
7 Day CHG~0.00%
Published-03 Feb, 2025 | 03:24
Updated-22 Apr, 2025 | 13:50
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Bluetooth FW, there is a possible reachable assertion due to improper exception handling. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00389046 (Note: For MT79XX chipsets) / ALPS09136501 (Note: For MT2737, MT3603, MT6XXX, and MT8XXX chipsets); Issue ID: MSV-1797.

Action-Not Available
Vendor-MediaTek Inc.Google LLCOpenWrtThe Linux Foundation
Product-mt8390mt8195mt6989mt7922mt8370mt8395mt6886mt3603mt6990mt7925mt8678mt6897mt7921mt6878openwrtmt8532mt7927mt6835software_development_kitmt8518smt7902mt7920androidmt6985yoctomt2737MT2737, MT3603, MT6835, MT6878, MT6886, MT6897, MT6985, MT6989, MT6990, MT7902, MT7920, MT7921, MT7922, MT7925, MT7927, MT8195, MT8370, MT8390, MT8395, MT8518S, MT8532, MT8678
CWE ID-CWE-617
Reachable Assertion
CVE-2024-20152
Assigner-MediaTek, Inc.
ShareView Details
Assigner-MediaTek, Inc.
CVSS Score-4.4||MEDIUM
EPSS-0.01% / 0.30%
||
7 Day CHG~0.00%
Published-06 Jan, 2025 | 03:17
Updated-21 Apr, 2025 | 17:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In wlan STA driver, there is a possible reachable assertion due to improper exception handling. This could lead to local denial of service if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: WCNCR00389047 / ALPS09136505; Issue ID: MSV-1798.

Action-Not Available
Vendor-MediaTek Inc.Google LLCOpenWrtThe Linux Foundation
Product-mt8775androidsoftware_development_kitmt6990mt6835mt7922mt7920mt8796mt2737mt6897mt8893mt8755mt8781mt8768openwrtmt8532mt8518syoctomt3603mt6886mt6878mt7902mt8766mt8798MT2737, MT3603, MT6835, MT6878, MT6886, MT6897, MT6990, MT7902, MT7920, MT7922, MT8518S, MT8532, MT8755, MT8766, MT8768, MT8775, MT8781, MT8796, MT8798, MT8893
CWE ID-CWE-617
Reachable Assertion
CVE-2024-20148
Assigner-MediaTek, Inc.
ShareView Details
Assigner-MediaTek, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.07% / 21.28%
||
7 Day CHG~0.00%
Published-06 Jan, 2025 | 03:17
Updated-22 Apr, 2025 | 13:50
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In wlan STA FW, there is a possible out of bounds write due to improper input validation. This could lead to remote (proximal/adjacent) code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00389045 / ALPS09136494; Issue ID: MSV-1796.

Action-Not Available
Vendor-The Linux FoundationMediaTek Inc.Google LLC
Product-mt8775mt7922mt8798mt6886mt3603mt8796mt6897mt8768mt6878mt8532mt6835software_development_kitmt7902mt8518sandroidmt7920mt8766yoctoMT3603, MT6835, MT6878, MT6886, MT6897, MT7902, MT7920, MT7922, MT8518S, MT8532, MT8766, MT8768, MT8775, MT8796, MT8798
CWE ID-CWE-787
Out-of-bounds Write
CVE-2024-20146
Assigner-MediaTek, Inc.
ShareView Details
Assigner-MediaTek, Inc.
CVSS Score-8.1||HIGH
EPSS-0.02% / 2.56%
||
7 Day CHG~0.00%
Published-06 Jan, 2025 | 03:17
Updated-22 Apr, 2025 | 13:50
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In wlan STA driver, there is a possible out of bounds write due to improper input validation. This could lead to remote (proximal/adjacent) code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00389496 / ALPS09137491; Issue ID: MSV-1835.

Action-Not Available
Vendor-MediaTek Inc.Google LLCOpenWrtThe Linux Foundation
Product-mt8775mt7922mt8798mt6886mt3603mt6990mt8786mt8796mt6897mt8768mt6878openwrtmt8532mt2737mt8365mt6835software_development_kitmt8673mt8518smt7902mt8666mt8755mt7920androidmt8788mt8893mt8781mt8766yoctomt8667MT2737, MT3603, MT6835, MT6878, MT6886, MT6897, MT6990, MT7902, MT7920, MT7922, MT8365, MT8518S, MT8532, MT8666, MT8667, MT8673, MT8755, MT8766, MT8768, MT8775, MT8781, MT8786, MT8788, MT8796, MT8798, MT8893
CWE ID-CWE-787
Out-of-bounds Write
CVE-2024-20040
Assigner-MediaTek, Inc.
ShareView Details
Assigner-MediaTek, Inc.
CVSS Score-8.8||HIGH
EPSS-0.93% / 75.11%
||
7 Day CHG~0.00%
Published-01 Apr, 2024 | 02:34
Updated-23 Apr, 2025 | 13:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In wlan firmware, there is a possible out of bounds write due to improper input validation. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08360153 (for MT6XXX chipsets) / WCNCR00363530 (for MT79XX chipsets); Issue ID: MSV-979.

Action-Not Available
Vendor-rdkcentralOpenWrtLinux Kernel Organization, IncThe Linux FoundationMediaTek Inc.Google LLC
Product-mt6895mt8678mt6890mt6855mt6853tmt7916mt6875mt6873mt7921mt8792mt8796androidmt6886mt7915mt8195mt6762mt6985mt7986mt8395rdk-bmt6877mt7902mt6983mt6833mt6789mt6768mt8798mt6990mt6883mt8673mt2713mt7922mt6879mt6893mt8518smt6989mt8532mt6761mt8370openwrtmt8791tmt6580mt6889mt7925mt8797linux_kernelmt8781mt6781mt7981mt8188yoctomt8390mt7920mt6891mt7927mt6853mt6885MT2713, MT6580, MT6761, MT6762, MT6768, MT6781, MT6789, MT6833, MT6853, MT6853T, MT6855, MT6873, MT6875, MT6877, MT6879, MT6883, MT6885, MT6886, MT6889, MT6890, MT6891, MT6893, MT6895, MT6983, MT6985, MT6989, MT6990, MT7902, MT7915, MT7916, MT7920, MT7921, MT7922, MT7925, MT7927, MT7981, MT7986, MT8188, MT8195, MT8370, MT8390, MT8395, MT8518S, MT8532, MT8673, MT8678, MT8781, MT8791T, MT8792, MT8796, MT8797, MT8798mt6886mt6762mt8195mt8673mt6891mt6893mt6889mt6789mt6761androidmt7902mt6781mt6877mt8395mt6983mt6855mt6883mt7925mt6853mt6895mt6875mt2713mt8370mt8518smt6989linux_kernelmt7915mt8532mt7921mt8188mt6873mt6990mt6580mt7920mt6890mt7916mt8390mt6853tmt6833mt6985mt7986mt6768mt6885mt7981mt7922mt7927mt6879
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-20023
Assigner-MediaTek, Inc.
ShareView Details
Assigner-MediaTek, Inc.
CVSS Score-6.5||MEDIUM
EPSS-0.14% / 34.14%
||
7 Day CHG~0.00%
Published-04 Jan, 2022 | 15:57
Updated-03 Aug, 2024 | 01:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Bluetooth, there is a possible application crash due to bluetooth flooding a device with LMP_AU_rand packet. This could lead to remote denial of service of bluetooth with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06198608; Issue ID: ALPS06198608.

Action-Not Available
Vendor-Google LLCMediaTek Inc.
Product-mt6757cdmt8175mt6873mt6893mt8765mt6580mt8788mt7662tmt7920mt6755smt8167mt6765mt6757cmt7663mt6737mt8183mt6853tmt7921mt6739mt6757mt8768mt8789mt6761mt8797mt6889mt8321mt6768mt6630mt8362amt8362bmt8786mt8766mt8167smt6771mt8385mt6833mt6885mt6735mt6750smt6753mt6762mt6877mt8365mt8195mt6853mt8168androidmt6757chmt7922mt8185mt8791mt6779mt8163mt6785mt7668mt7915mt6763mt8173MT6580, MT6630, MT6735, MT6737, MT6739, MT6750S, MT6753, MT6755S, MT6757, MT6757C, MT6757CD, MT6757CH, MT6761, MT6762, MT6763, MT6765, MT6768, MT6771, MT6779, MT6785, MT6833, MT6853, MT6853T, MT6873, MT6877, MT6885, MT6889, MT6893, MT7662T, MT7663, MT7668, MT7915, MT7920, MT7921, MT7922, MT8163, MT8167, MT8167S, MT8168, MT8173, MT8175, MT8183, MT8185, MT8195, MT8321, MT8362A, MT8362B, MT8365, MT8385, MT8765, MT8766, MT8768, MT8786, MT8788, MT8789, MT8791, MT8797
CWE ID-CWE-772
Missing Release of Resource after Effective Lifetime