7.5

CVE-2025-20644

In Modem, there is a possible memory corruption due to incorrect error handling. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01525673; Issue ID: MSV-2747.

Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD
This information is available to logged-in users.
Data is provided by the National Vulnerability Database (NVD)
MediatekNr15 Version-
   MediatekMt2735 Version-
   MediatekMt2737 Version-
   MediatekMt6833 Version-
   MediatekMt6833p Version-
   MediatekMt6853 Version-
   MediatekMt6853t Version-
   MediatekMt6855 Version-
   MediatekMt6855t Version-
   MediatekMt6873 Version-
   MediatekMt6875 Version-
   MediatekMt6875t Version-
   MediatekMt6877 Version-
   MediatekMt6877t Version-
   MediatekMt6877tt Version-
   MediatekMt6879 Version-
   MediatekMt6880 Version-
   MediatekMt6883 Version-
   MediatekMt6885 Version-
   MediatekMt6886 Version-
   MediatekMt6889 Version-
   MediatekMt6890 Version-
   MediatekMt6891 Version-
   MediatekMt6893 Version-
   MediatekMt6895 Version-
   MediatekMt6895tt Version-
   MediatekMt6896 Version-
   MediatekMt6980 Version-
   MediatekMt6980d Version-
   MediatekMt6983 Version-
   MediatekMt6983t Version-
   MediatekMt6985 Version-
   MediatekMt6985t Version-
   MediatekMt6989 Version-
   MediatekMt6989t Version-
   MediatekMt6990 Version-
   MediatekMt8673 Version-
   MediatekMt8791t Version-
   MediatekMt8795t Version-
   MediatekMt8798 Version-
MediatekNr16 Version-
   MediatekMt2735 Version-
   MediatekMt2737 Version-
   MediatekMt6833 Version-
   MediatekMt6833p Version-
   MediatekMt6853 Version-
   MediatekMt6853t Version-
   MediatekMt6855 Version-
   MediatekMt6855t Version-
   MediatekMt6873 Version-
   MediatekMt6875 Version-
   MediatekMt6875t Version-
   MediatekMt6877 Version-
   MediatekMt6877t Version-
   MediatekMt6877tt Version-
   MediatekMt6879 Version-
   MediatekMt6880 Version-
   MediatekMt6883 Version-
   MediatekMt6885 Version-
   MediatekMt6886 Version-
   MediatekMt6889 Version-
   MediatekMt6890 Version-
   MediatekMt6891 Version-
   MediatekMt6893 Version-
   MediatekMt6895 Version-
   MediatekMt6895tt Version-
   MediatekMt6896 Version-
   MediatekMt6980 Version-
   MediatekMt6980d Version-
   MediatekMt6983 Version-
   MediatekMt6983t Version-
   MediatekMt6985 Version-
   MediatekMt6985t Version-
   MediatekMt6989 Version-
   MediatekMt6989t Version-
   MediatekMt6990 Version-
   MediatekMt8673 Version-
   MediatekMt8791t Version-
   MediatekMt8795t Version-
   MediatekMt8798 Version-
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Type Source Score Percentile
EPSS FIRST.org 0.4% 0.597
CVSS Metriken
Source Base Score Exploit Score Impact Score Vector string
134c704f-9b21-4f2e-91b3-4a467353bcc0 7.5 3.9 3.6
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CWE-1286 Improper Validation of Syntactic Correctness of Input

The product receives input that is expected to be well-formed - i.e., to comply with a certain syntax - but it does not validate or incorrectly validates that the input complies with the syntax.