CVE-2025-20754
BaseFortify
Publication date: 2025-12-02
Last updated on: 2025-12-04
Assigner: MediaTek, Inc.
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| mediatek | nr15 | * |
| mediatek | nr16 | * |
| mediatek | nr17 | * |
| mediatek | nr17r | * |
| mediatek | mt2735 | * |
| mediatek | mt2737 | * |
| mediatek | mt6813 | * |
| mediatek | mt6833 | * |
| mediatek | mt6833p | * |
| mediatek | mt6835 | * |
| mediatek | mt6835t | * |
| mediatek | mt6853 | * |
| mediatek | mt6853t | * |
| mediatek | mt6855 | * |
| mediatek | mt6855t | * |
| mediatek | mt6873 | * |
| mediatek | mt6875 | * |
| mediatek | mt6875t | * |
| mediatek | mt6877 | * |
| mediatek | mt6877t | * |
| mediatek | mt6877tt | * |
| mediatek | mt6878 | * |
| mediatek | mt6878m | * |
| mediatek | mt6879 | * |
| mediatek | mt6880 | * |
| mediatek | mt6883 | * |
| mediatek | mt6885 | * |
| mediatek | mt6886 | * |
| mediatek | mt6889 | * |
| mediatek | mt6890 | * |
| mediatek | mt6891 | * |
| mediatek | mt6893 | * |
| mediatek | mt6895 | * |
| mediatek | mt6895tt | * |
| mediatek | mt6896 | * |
| mediatek | mt6897 | * |
| mediatek | mt6899 | * |
| mediatek | mt6980 | * |
| mediatek | mt6980d | * |
| mediatek | mt6983 | * |
| mediatek | mt6983t | * |
| mediatek | mt6985 | * |
| mediatek | mt6985t | * |
| mediatek | mt6989 | * |
| mediatek | mt6989t | * |
| mediatek | mt6990 | * |
| mediatek | mt6991 | * |
| mediatek | mt8673 | * |
| mediatek | mt8675 | * |
| mediatek | mt8676 | * |
| mediatek | mt8678 | * |
| mediatek | mt8755 | * |
| mediatek | mt8771 | * |
| mediatek | mt8791 | * |
| mediatek | mt8791t | * |
| mediatek | mt8792 | * |
| mediatek | mt8793 | * |
| mediatek | mt8795t | * |
| mediatek | mt8797 | * |
| mediatek | mt8798 | * |
| mediatek | mt8863 | * |
| mediatek | mt8873 | * |
| mediatek | mt8883 | * |
| mediatek | mt8893 | * |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-248 | An exception is thrown from a function, but it is not caught. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is a flaw in the Modem where an incorrect bounds check can cause a system crash. It can be exploited remotely if a user equipment (UE) connects to a rogue base station controlled by an attacker. No user interaction or additional execution privileges are required to trigger the issue.
How can this vulnerability impact me? :
The vulnerability can lead to a remote denial of service (DoS) condition, causing the affected system to crash when connected to a malicious base station. This can disrupt normal device operation and availability.
What immediate steps should I take to mitigate this vulnerability?
Apply the patch identified as MOLY01689251 to fix the incorrect bounds check causing the system crash. Avoid connecting to untrusted or rogue base stations to reduce the risk of remote denial of service.