MediaTek has published its Q1 2025 Product Security Bulletin, revealing 13 vulnerabilities across smartphone, IoT, and embedded device chipsets, including one critical remote code execution (RCE) flaw.
The most severe issue, CVE-2025-20654, affects wireless LAN components in popular chips like the MT6890 (Dimensity 1200) and MT7986 (Filogic 830), potentially allowing attackers to execute arbitrary code without user interaction.
Critical Vulnerabilities
The critical-rated CVE-2025-20654 impacts:
- Chipsets: MT6890, MT7622, MT7915/6, MT7981/86
- Attack Vector: Exploitable via malformed wireless packets
- Impact: Full device compromise (CVSS 9.8/10)
This vulnerability stems from an out-of-bounds write in the WLAN service, affecting OpenWrt 19.07/21.02 and MediaTek SDKs up to version 7.6.7.0.
High-Risk Vulnerabilities
Four high-severity flaws (CVSS 7.0–8.8) enable local privilege escalation and information disclosure:
CVE | Affected Chips | Vulnerability Type | Key Impact |
---|---|---|---|
CVE-2025-20655 | MT9972 | Information Disclosure | System privilege abuse |
CVE-2025-20656 | MT6983/85/89 | Privilege Escalation | Physical access exploitation |
CVE-2025-20657 | MT6765/88 | Permission Bypass | System-level access |
CVE-2025-20658 | MT2718/8673 | Logic Error | Bootloader compromise |
These vulnerabilities primarily affect Android devices (versions 12–15) and require existing system access or physical device interaction.
Medium-Severity Issues
Six medium-risk CVEs (CVSS 4.3–6.8) include:
- Baseband Vulnerabilities: CVE-2025-20659 affects 78 modem chipsets, allowing DoS attacks via rogue cellular base stations
- DRM Exploits: CVE-2025-20660/61/62 in PlayReady TA impact MT9972-based Android devices
- WLAN Leaks: CVE-2025-20663/64 expose Wi-Fi session data on MT79xx routers
Risk Factor Summary
CVE | Severity | Vulnerability Type | Affected Chipsets |
---|---|---|---|
CVE-2025-20654 | Critical | RCE | MT6890, MT7986 |
CVE-2025-20655 | High | ID | MT9972 |
CVE-2025-20656 | High | EoP | MT6983/85/89 |
CVE-2025-20657 | High | EoP | MT6765/88 |
CVE-2025-20658 | High | EoP | MT2718/8673 |
CVE-2025-20659 | Medium | DoS | MT2735–MT8798 |
Mitigation and Patches
MediaTek confirmed that OEMs received patches ≥60 days before disclosure. Recommended actions:
- Consumer Devices: Apply Android Security Patch Level (SPL) 2025-04-05 or later
- Networking Gear: Update OpenWrt to 23.05.3 (MT79xx routers)
- Industrial Systems: Install Yocto 4.0.4 updates for MT8390-based controllers
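The baselines in this list can be checked across a device inventory. The sketch below is an added example, not MediaTek's or any vendor's tooling; the inventory entries and device names are constructed, and treating unparseable or pre-release version strings conservatively is an assumption of this example.

```python
import re
from datetime import date

# Baselines copied from the recommended actions listed above.
MIN_ANDROID_SPL = date(2025, 4, 5)
MIN_OPENWRT = (23, 5, 3)
MIN_YOCTO = (4, 0, 4)

def parse_version(text):
    """Turn '23.05.3' or '23.05.0-rc1' into a 3-part tuple of ints for comparison."""
    nums = [int(n) for n in re.findall(r"\d+", text.split("-")[0])]
    if not nums:
        raise ValueError(f"no version number in {text!r}")
    return tuple((nums + [0, 0, 0])[:3])

def is_patched(platform, level):
    """True if `level` meets the baseline; unknown platforms or bad input count as unpatched."""
    try:
        if platform == "android":
            # SPL strings are ISO dates; 2025-04-01 is below the 2025-04-05 baseline.
            return date.fromisoformat(level) >= MIN_ANDROID_SPL
        if platform == "openwrt":
            return parse_version(level) >= MIN_OPENWRT
        if platform == "yocto":
            return parse_version(level) >= MIN_YOCTO
    except ValueError:
        pass
    return False

def audit(inventory):
    """Return the sorted names of devices that are below their baseline."""
    return sorted(d["name"] for d in inventory if not is_patched(d["platform"], d["level"]))

# Constructed sample inventory (hypothetical device names, not from the bulletin).
INVENTORY = [
    {"name": "phone-a", "platform": "android", "level": "2025-04-05"},
    {"name": "phone-b", "platform": "android", "level": "2025-04-01"},
    {"name": "phone-c", "platform": "android", "level": "2025-03-05"},
    {"name": "router-a", "platform": "openwrt", "level": "23.05.3"},
    {"name": "router-b", "platform": "openwrt", "level": "21.02.7"},
    {"name": "router-c", "platform": "openwrt", "level": "23.05.0-rc1"},
    {"name": "plc-a", "platform": "yocto", "level": "4.0.4"},
    {"name": "plc-b", "platform": "yocto", "level": "unknown"},
]

if __name__ == "__main__":
    for name in audit(INVENTORY):
        print("below baseline:", name)
```

On a device, the Android level is the value of the `ro.build.version.security_patch` property, and the OpenWrt release is `DISTRIB_RELEASE` in `/etc/openwrt_release`.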
The vulnerabilities were discovered through MediaTek’s bug bounty program and internal audits, with external researchers credited for 46% of the findings.
Security analysts emphasize the critical need to patch MT7986-based routers and MT6890-powered smartphones, as these devices are frequently exposed to untrusted networks.