IoT Yocto 2025 Security Bulletin Published

This Product Security Bulletin contains details of security vulnerabilities affecting MediaTek IoT Yocto devices. Device OEMs should regularly review all listed issues and apply the corresponding security patches before release.

December 2025

November 2025

October 2025

CVE-2025-20721

Title: Out-of-bounds write in imgsensor
Severity: Medium
Vulnerability Type: EoP
CWE: CWE-787 Out-of-bounds Write
Description: In imgsensor, there is a possible out-of-bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation.
Affected Chipsets: MT8395, MT8390, MT8370
References: Commit d23002c9 (rity-scarthgap), 30dc4f2d (rity-kirkstone)

September 2025

August 2025

July 2025

CVE-2025-20694

Title: Buffer underflow in Bluetooth
Severity: Medium
Vulnerability Type: DoS
CWE: CWE-124 Buffer Underflow
Description: In Bluetooth FW, there is a possible system crash due to an uncaught exception. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.
Affected Chipsets: MT8395, MT8390, MT8370
References: Commit bbd2087a (rity-scarthgap), 9e83165f (rity-kirkstone)

June 2025

May 2025

April 2025

March 2025

CVE-2025-20648

Title: Out-of-bounds read in apu
Severity: Medium
Vulnerability Type: ID
CWE: CWE-125 Out-of-bounds Read
Description: In apu, there is a possible out-of-bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.
Affected Chipsets: MT8395, MT8390, MT8370
References: Commit 1c41e2f0

February 2025

CVE-2024-20147

Title: Reachable assertion in Bluetooth
Severity: Medium
Vulnerability Type: DoS
CWE: CWE-617 Reachable Assertion
Description: In Bluetooth FW, there is a possible reachable assertion due to improper exception handling. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.
Affected Chipsets: MT8395, MT8390, MT8370
References: Commit 1e3764e4

January 2025