Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2025-20756

In Modem, there is a possible system crash due to a logic error. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01673749; Issue ID: MSV-4643.

Published

2025-12-02T03:16:16.907

Last Modified

2025-12-03T21:40:10.443

Status

Analyzed

Source

[email protected]

Severity

CVSSv3.1: 5.3 (MEDIUM)

Weaknesses

Type: Secondary
CWE-1287

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Operating System	mediatek	nr15	-	Yes
Hardware	mediatek	mt2735	-	No
Hardware	mediatek	mt6833	-	No
Hardware	mediatek	mt6833p	-	No
Hardware	mediatek	mt6853	-	No
Hardware	mediatek	mt6853t	-	No
Hardware	mediatek	mt6855	-	No
Hardware	mediatek	mt6855t	-	No
Hardware	mediatek	mt6873	-	No
Hardware	mediatek	mt6875	-	No
Hardware	mediatek	mt6875t	-	No
Hardware	mediatek	mt6877	-	No
Hardware	mediatek	mt6877t	-	No
Hardware	mediatek	mt6877tt	-	No
Hardware	mediatek	mt6880	-	No
Hardware	mediatek	mt6883	-	No
Hardware	mediatek	mt6885	-	No
Hardware	mediatek	mt6889	-	No
Hardware	mediatek	mt6890	-	No
Hardware	mediatek	mt6891	-	No
Hardware	mediatek	mt6893	-	No
Hardware	mediatek	mt8673	-	No
Hardware	mediatek	mt8675	-	No
Hardware	mediatek	mt8676	-	No
Hardware	mediatek	mt8678	-	No
Hardware	mediatek	mt8755	-	No
Hardware	mediatek	mt8771	-	No
Hardware	mediatek	mt8791	-	No
Hardware	mediatek	mt8791t	-	No
Hardware	mediatek	mt8792	-	No
Hardware	mediatek	mt8793	-	No
Hardware	mediatek	mt8795t	-	No
Hardware	mediatek	mt8797	-	No
Hardware	mediatek	mt8798	-	No
Hardware	mediatek	mt8863	-	No
Hardware	mediatek	mt8873	-	No
Hardware	mediatek	mt8883	-	No
Hardware	mediatek	mt8893	-	No

References

https://corp.mediatek.com/product-security-bulletin/December-2025 Vendor Advisory ([email protected])