CVE-2025-20659

Medium CVSS: 6.5

In Modem, there is a possible system crash due to improper input validation. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01519028; Issue ID: MSV-2768.

Vendor

Mediatek

Product

Mt2735 Firmware

CWE

CWE-125

Yayın Tarihi

2025-04-07 04:15:19

Güncelleme

2026-02-17 15:16:07

Source Identifier

security@mediatek.com

KEV Date Added

Kategoriler

CWE-125 Mt2735 Firmware MEDIUM Mediatek 2025

Referanslar

https://corp.mediatek.com/product-security-bulletin/April-2025

Benzer Kayıtlar

Medium

CVE-2026-20446

In sec boot, there is a possible out of bounds write due to an integer overflow. This could lead to local denial of serv…

High

CVE-2026-20430

In wlan AP FW, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote (prox…

High

CVE-2026-20434

In Modem, there is a possible out of bounds write due to a missing bounds check. This could lead to remote escalation of…

Medium

CVE-2026-20436

In wlan STA driver, there is a possible escalation of privilege due to a missing bounds check. This could lead to local…

High

CVE-2026-20423

In wlan STA driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local esca…

Medium

CVE-2026-20420

In Modem, there is a possible system crash due to incorrect error handling. This could lead to remote denial of service,…