CVE-2025-20634

  1. Yack CVE
  2. Vulnerabilities (CVE)
  3. CVE-2025-20634

9.8 /10

CVSS v3 : CRITICAL

V3 Legend

Vector :

Exploitability : 3.9 / Impact : 5.9

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

I

n Modem, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01289384; Issue ID: MSV-2436.

References
Link Resource
https://corp.mediatek.com/product-security-bulletin/February-2025 Vendor Advisory
Configurations

Configuration 1 (hide)

AND
OR cpe:2.3:o:mediatek:nr16:-:*:*:*:*:*:*:*
cpe:2.3:o:mediatek:nr17:-:*:*:*:*:*:*:*
cpe:2.3:o:mediatek:nr17r:-:*:*:*:*:*:*:*
OR cpe:2.3:h:mediatek:mt2737:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6813:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6835:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6835t:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6878:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6878m:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6886:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6895tt:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6896:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6897:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6899:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6980:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6980d:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6983:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6983t:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6985:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6985t:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6989:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6989t:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6990:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6991:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt8673:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt8676:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt8678:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt8795t:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt8798:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt8863:-:*:*:*:*:*:*:*
History

18 Feb 2025, 19:15

Type Values Removed Values Added
Summary
  • (es) En el módem, existe una posible escritura fuera de los límites debido a un neutra. Esto podría provocar la ejecución remota de código, si un UE se ha conectado a una estación base no autorizada controlada por el atacante, sin necesidad de privilegios de ejecución adicionales. No se necesita la interacción del usuario para la explotación. ID de parche: MOLY01289384; ID de problema: MSV-2436.

03 Feb 2025, 18:17

Type Values Removed Values Added
CPE cpe:2.3:h:mediatek:mt8798:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6985t:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6989:-:*:*:*:*:*:*:*
cpe:2.3:o:mediatek:nr17r:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6985:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt8678:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt8673:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6989t:-:*:*:*:*:*:*:*
cpe:2.3:o:mediatek:nr17:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt2737:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6983t:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt8795t:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6813:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6990:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6991:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6878m:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6980d:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6835t:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6899:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6895tt:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6980:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6878:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6886:-:*:*:*:*:*:*:*
cpe:2.3:o:mediatek:nr16:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6835:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6983:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt8863:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6897:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6896:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt8676:-:*:*:*:*:*:*:*
References () https://corp.mediatek.com/product-security-bulletin/February-2025 - () https://corp.mediatek.com/product-security-bulletin/February-2025 - Vendor Advisory
First Time Mediatek mt6990
Mediatek mt8676
Mediatek mt6879
Mediatek mt6897
Mediatek mt6985t
Mediatek nr17
Mediatek mt6980
Mediatek mt6899
Mediatek nr16
Mediatek mt6983
Mediatek mt6878m
Mediatek mt6878
Mediatek nr17r
Mediatek mt8795t
Mediatek mt2737
Mediatek
Mediatek mt6983t
Mediatek mt6895tt
Mediatek mt8678
Mediatek mt8863
Mediatek mt6980d
Mediatek mt6985
Mediatek mt6835
Mediatek mt6886
Mediatek mt6813
Mediatek mt8798
Mediatek mt8673
Mediatek mt6991
Mediatek mt6989
Mediatek mt6989t
Mediatek mt6896
Mediatek mt6895
Mediatek mt6835t

03 Feb 2025, 17:15

Type Values Removed Values Added
CVSS v2 : unknown
v3 : unknown 		v2 : unknown
v3 : 9.8

03 Feb 2025, 04:15

Type Values Removed Values Added
New CVE
Information

Published : 2025-02-03 04:15

Updated : 2026-02-17 15:16

NVD link : CVE-2025-20634

Mitre link : CVE-2025-20634

CVE.ORG link : CVE-2025-20634

JSON object : View

Products Affected

mediatek

CWE
CWE-787

Out-of-bounds Write