CVE-2021-37564

Name of the Vulnerable Software and Affected Versions MediaTek microchips versions 2.0.2

Description The issue is related to the mishandling of IEEE 1905 protocols in MediaTek microchips, which can lead to an out-of-bounds read. This can potentially allow a remote attacker to elevate their privileges. The affected chipsets include MT7603E, MT7613, MT7615, MT7622, MT7628, MT7629, and MT7915.

Recommendations For version 2.0.2, consider restricting access to the IEEE 1905 protocol handling functionality until a patch is available. As a temporary workaround, disabling the vulnerable protocol handling may help minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.