ГлавнаяУязвимости → CVE-2025-20667
7.5высокая

CVE-2025-20667

Описание

In Modem, there is a possible information disclosure due to incorrect error handling. This could lead to remote information disclosure, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01513293; Issue ID: MSV-2741.

Затрагиваемое ПО
Mediatek Lr12aMediatek Lr13Mediatek Nr15Mediatek Nr16Mediatek Nr17Mediatek Nr17rMediatek Mt2735Mediatek Mt2737Mediatek Mt6739Mediatek Mt6761Mediatek Mt6762Mediatek Mt6762dMediatek Mt6762mMediatek Mt6763Mediatek Mt6765Mediatek Mt6765tMediatek Mt6767Mediatek Mt6768Mediatek Mt6769Mediatek Mt6769kMediatek Mt6769sMediatek Mt6769tMediatek Mt6769zMediatek Mt6771Mediatek Mt6779
CVSS
Балл7.5 — высокая
ВекторCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Источники
https://corp.mediatek.com/product-security-bulletin/May-2025