Cyber Security News

MediaTek’s April 2025 Security Bulletin Addresses Critical WLAN Vulnerability in Multiple Chipsets

Cyware
MediaTek’s April 2025 Security Bulletin Addresses Critical WLAN Vulnerability in Multiple Chipsets
Summary: MediaTek’s April 2025 Product Security Bulletin highlights numerous security vulnerabilities in its chipsets, affecting a broad range of devices including smartphones and smart TVs. The vulnerabilities vary in severity, with critical issues like remote code execution (CVE-2025-20654) drawing particular attention. Device manufacturers are urged to apply security patches immediately to safeguard against potential exploits.

Affected: MediaTek chipsets and associated devices

Keypoints :

  • Critical vulnerability (CVE-2025-20654) in WLAN service allows remote code execution without user interaction.
  • Multiple high-severity vulnerabilities involve out-of-bounds reads/writes that could lead to privilege escalation.
  • Medium-severity vulnerabilities may result in denial-of-service or information disclosure attacks.

Source: https://securityonline.info/mediateks-april-2025-security-bulletin-critical-wlan-vulnerability-exposes-chipsets/