CVE-2021-31578

CRITICAL

MediaTek EN7580 and EN7528 Firmware < tlm7.3.275.0-64 - Unauthenticated Stack Buffer Overflow in Boa

Title source: llm

Description

In Boa, there is a possible escalation of privilege due to a stack buffer overflow. This could lead to remote escalation of privilege from a proximal attacker with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: A20210008; Issue ID: OSBNB00123241.

References (1)

Core 1

Core References

Vendor Advisory

https://corp.mediatek.com/product-security-acknowledgements

Scores

CVSS v3 9.8

EPSS 0.0208

EPSS Percentile 84.2%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

CWE

CWE-787

Status published

Products (2)

mediatek/en7528_firmware < tlm7.3.275.0-64

mediatek/en7580_firmware < tlm7.3.275.0-64

Published Feb 06, 2023

Tracked Since Feb 18, 2026