Impact
A missing bounds check in the MediaTek WLAN STA driver allows a malicious actor who already holds system-level privileges to escalate those privileges further without any user interaction. The flaw is exploitable locally on devices running the affected driver code and can potentially give the attacker full control over the system. The vulnerability is a classic buffer overflow, categorized under CWE‑120, which can corrupt memory and bypass access controls.
Affected Systems
The flaw affects MediaTek chipsets that implement the WLAN STA driver, including models MT7902, MT7920, MT7921, MT7922, MT7925, MT7927, and MT8696. The CVE source does not list specific firmware or driver version numbers, so any device using the affected driver code is potentially vulnerable.
Risk and Exploitability
The CVSS score of 6.7 indicates medium severity for local privilege escalation. Exploitation requires that the attacker already have system-level privileges on the target device, which may result from an earlier compromise or a hard‑coded vulnerability. The EPSS score of less than 1% suggests a low probability of exploitation in the wild, and the vulnerability is not currently listed in the CISA KEV catalog. Once escalation is achieved, the attacker could fully compromise the device, for example by modifying firmware, installing malicious software, or executing arbitrary commands.