CVE-2025-8301
Unknown Unknown - Not Provided
BaseFortify

Publication date: 2025-09-02

Last updated on: 2025-09-10

Assigner: Zero Day Initiative

Description
Realtek RTL8811AU rtwlanu.sys N6CSet_DOT11_CIPHER_DEFAULT_KEY Heap-based Buffer Overflow Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Realtek RTL8811AU drivers. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the N6CSet_DOT11_CIPHER_DEFAULT_KEY function. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length heap-based buffer. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. Was ZDI-CAN-24786.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-09-02
Last Modified
2025-09-10
Generated
2026-05-06
AI Q&A
2025-09-02
EPSS Evaluated
2026-05-05
NVD
CVE-2025-8301
EUVD
EUVD-2025-26433
Affected Vendors & Products
Showing 2 associated CPEs
Vendor Product Version / Range
realtek wi-fi_usb_driver to 1030.52.0325.2025 (exc)
realtek rtl8811au *
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-122 A heap overflow condition is a buffer overflow, where the buffer that can be overwritten is allocated in the heap portion of memory, generally meaning that the buffer was allocated using a routine such as malloc().
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?

CVE-2025-8301 is a local privilege escalation vulnerability in the Realtek RTL8811AU wireless driver. It occurs due to a heap-based buffer overflow in the function N6CSet_DOT11_CIPHER_DEFAULT_KEY caused by improper validation of the length of user-supplied data before copying it into a fixed-length heap buffer. An attacker who already has low-privileged code execution on the system can exploit this flaw to escalate their privileges and execute arbitrary code with SYSTEM-level privileges. [1]


How can this vulnerability impact me? :

This vulnerability can allow an attacker who has limited access to a system to escalate their privileges to SYSTEM level, effectively gaining full control over the affected system. This can lead to unauthorized access to sensitive data, modification or deletion of critical files, installation of malicious software, and disruption of system availability. [1]


What immediate steps should I take to mitigate this vulnerability?

To mitigate this vulnerability, ensure that the Realtek RTL8811AU driver is updated to a version where this heap-based buffer overflow flaw in the N6CSet_DOT11_CIPHER_DEFAULT_KEY function is fixed. Limit the ability of low-privileged users to execute code on the system, as exploitation requires local code execution. Applying vendor patches or updates as soon as they become available is recommended. [1]


Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70
EPSS Chart