{"dataType":"CVE_RECORD","dataVersion":"5.1","cveMetadata":{"cveId":"CVE-2025-20663","assignerOrgId":"ee979b05-11f8-4f25-a7e0-a1fa9c190374","state":"PUBLISHED","assignerShortName":"MediaTek","dateReserved":"2024-11-01T01:21:50.368Z","datePublished":"2025-04-07T03:15:00.594Z","dateUpdated":"2025-04-07T14:15:18.303Z"},"containers":{"cna":{"providerMetadata":{"orgId":"ee979b05-11f8-4f25-a7e0-a1fa9c190374","shortName":"MediaTek","dateUpdated":"2025-04-07T03:15:00.594Z"},"descriptions":[{"lang":"en","value":"In wlan AP driver, there is a possible information disclosure due to an uncaught exception. This could lead to remote (proximal/adjacent) information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00408868; Issue ID: MSV-3031."}],"affected":[{"vendor":"MediaTek, Inc.","product":"MT7915, MT7916, MT7981, MT7986","versions":[{"version":"SDK release 7.4.0.1 (MT7915) and 7.6.7.2 (MT7916, MT798X) and before","status":"affected"}]}],"references":[{"url":"https://corp.mediatek.com/product-security-bulletin/April-2025"}],"problemTypes":[{"descriptions":[{"type":"CWE","lang":"en","cweId":"CWE-248","description":"CWE-248 Uncaught Exception"}]}]},"adp":[{"metrics":[{"cvssV3_1":{"scope":"UNCHANGED","version":"3.1","baseScore":7.5,"attackVector":"NETWORK","baseSeverity":"HIGH","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","integrityImpact":"NONE","userInteraction":"NONE","attackComplexity":"LOW","availabilityImpact":"NONE","privilegesRequired":"NONE","confidentialityImpact":"HIGH"}},{"other":{"type":"ssvc","content":{"timestamp":"2025-04-07T14:14:31.427767Z","id":"CVE-2025-20663","options":[{"Exploitation":"none"},{"Automatable":"yes"},{"Technical Impact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}}],"title":"CISA ADP Vulnrichment","providerMetadata":{"orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP","dateUpdated":"2025-04-07T14:15:18.303Z"}}]}}