CVE-2025-20637

Published: Feb 3, 2025Modified: Mar 17, 2025

7.5

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Exploitability: 3.9 / Impact: 3.6

Source: NVD

Description

In network HW, there is a possible system hang due to an uncaught exception. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00399035; Issue ID: MSV-2380.

Affected (1)

Products: Mediatek: Software Development Kit

1 product

Software Development Kit

Configuration A

1 vulnerable · 2 platform

Vulnerable Software	Affected Versions
Mediatek Software Development Kit	Up to 7.6.7.0

Running on/with	Platform Versions
Mediatek Mt7981	All versions
Mediatek Mt7986	All versions

Related CWEs

Uncaught Exception

An exception is thrown from a function, but it is not caught.

Improper Check for Unusual or Exceptional Conditions

The product does not check or incorrectly checks for unusual or exceptional conditions that are not expected to occur frequently during day to day operation of the product.

References (1)

https://corp.mediatek.com/product-security-bulletin/February-2025

Source: security@mediatek.com

Vendor Advisory

Timeline

No history available yet.