Description
In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote (proximal/adjacent) code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00416226; Issue ID: MSV-3409.
CVSS breakdown
CVSS 3.1
Attack Vector
Adjacent
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High
Affected products
- MediaTek, Inc. / MT6890, MT7915, MT7916, MT7981, MT7986SDK release 7.6.7.2 and before / OpenWrt 19.07, 21.02 (MT6890) – SDK release 7.6.7.2 and before / OpenWrt 19.07, 21.02 (MT6890)