CVE-2025-20725
7.5
Vector
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
Exploitability: 1.6 / Impact: 5.9
Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0 (Secondary)
Description
In ims service, there is a possible out of bounds write due to a missing bounds check. This could lead to remote escalation of privilege, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01671924; Issue ID: MSV-4620.
Affected (3)
Configuration A
| Vulnerable Software | Affected Versions |
|---|---|
| All versions | |
| All versions | |
| All versions |
| Running on/with | Platform Versions |
|---|---|
Mediatek Mt2735 | All versions |
Mediatek Mt2737 | All versions |
Mediatek Mt6739 | All versions |
Mediatek Mt6761 | All versions |
Mediatek Mt6762 | All versions |
Mediatek Mt6762d | All versions |
Mediatek Mt6762m | All versions |
Mediatek Mt6763 | All versions |
Mediatek Mt6765 | All versions |
Mediatek Mt6765t | All versions |
Mediatek Mt6767 | All versions |
Mediatek Mt6768 | All versions |
Mediatek Mt6769 | All versions |
Mediatek Mt6769k | All versions |
Mediatek Mt6769s | All versions |
Mediatek Mt6769t | All versions |
Mediatek Mt6769z | All versions |
Mediatek Mt6771 | All versions |
Mediatek Mt6833 | All versions |
Mediatek Mt6833p | All versions |
Mediatek Mt6853 | All versions |
Mediatek Mt6853t | All versions |
Mediatek Mt6855 | All versions |
Mediatek Mt6855t | All versions |
Mediatek Mt6873 | All versions |
Mediatek Mt6875 | All versions |
Mediatek Mt6875t | All versions |
Mediatek Mt6877 | All versions |
Mediatek Mt6877t | All versions |
Mediatek Mt6877tt | All versions |
Mediatek Mt6879 | All versions |
Mediatek Mt6880 | All versions |
Mediatek Mt6883 | All versions |
Mediatek Mt6885 | All versions |
Mediatek Mt6886 | All versions |
Mediatek Mt6889 | All versions |
Mediatek Mt6890 | All versions |
Mediatek Mt6891 | All versions |
Mediatek Mt6893 | All versions |
Mediatek Mt6895 | All versions |
Mediatek Mt6895tt | All versions |
Mediatek Mt6896 | All versions |
Mediatek Mt6980 | All versions |
Mediatek Mt6980d | All versions |
Mediatek Mt6983 | All versions |
Mediatek Mt6983t | All versions |
Mediatek Mt6985 | All versions |
Mediatek Mt6985t | All versions |
Mediatek Mt6989 | All versions |
Mediatek Mt6989t | All versions |
Mediatek Mt6990 | All versions |
Mediatek Mt8666 | All versions |
Mediatek Mt8667 | All versions |
Mediatek Mt8673 | All versions |
Mediatek Mt8675 | All versions |
Mediatek Mt8765 | All versions |
Mediatek Mt8766 | All versions |
Mediatek Mt8766r | All versions |
Mediatek Mt8768 | All versions |
Mediatek Mt8771 | All versions |
Mediatek Mt8786 | All versions |
Mediatek Mt8788 | All versions |
Mediatek Mt8788e | All versions |
Mediatek Mt8791 | All versions |
Mediatek Mt8791t | All versions |
Mediatek Mt8795t | All versions |
Mediatek Mt8797 | All versions |
Mediatek Mt8798 | All versions |
Mediatek Mt8893 | All versions |
References (1)
Source: security@mediatek.com
Vendor Advisory
Timeline
No history available yet.