Overview
- CERT-In’s advisory CIVN-2025-0119 rated the flaws as high severity, citing heap overflow, null pointer dereference and uncontrolled recursion in Bluetooth, WLAN and IMS components.
- The vulnerabilities could let attackers escalate privileges or disrupt system operations on devices running MediaTek chipsets.
- Devices at risk span smartphones, laptops, smart TVs, tablets, Wi-Fi routers and connected home appliances.
- MediaTek’s security bulletin notified device makers of the vulnerabilities and provided patches at least two months before CERT-In’s public advisory.
- Users should install pending firmware or software updates as they become available to secure their devices.