Overview

• CERT-In’s advisory CIVN-2025-0119 rated the flaws as high severity, citing heap overflow, null pointer dereference and uncontrolled recursion in Bluetooth, WLAN and IMS components.
• The vulnerabilities could let attackers escalate privileges or disrupt system operations on devices running MediaTek chipsets.
• Devices at risk span smartphones, laptops, smart TVs, tablets, Wi-Fi routers and connected home appliances.
• MediaTek’s security bulletin notified device makers of the vulnerabilities and provided patches at least two months before CERT-In’s public advisory.
• Users should install pending firmware or software updates as they become available to secure their devices.