CVE-2025-20792 - Vulnerability Details

In Modem, there is a possible system crash due to improper input validation. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01717526; Issue ID: MSV-5591.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.0008.

Key SSVC decision points have not yet been added.

Vendors	Products
Mediatek	Mt2735 Mt6833 Mt6833p Mt6853 Mt6853t Mt6855 Mt6855t Mt6873 Mt6875 Mt6875t Mt6877 Mt6877t Mt6877tt Mt6880 Mt6883 Mt6885 Mt6889 Mt6890 Mt6891 Mt6893 Mt8791t

No data.

OpenCVE Enrichment is a feature of OpenCVE that uses AI to automatically link vendors and products to CVEs. Learn more on GitHub.

Vendors	Products
Mediatek	Mt2735 Mt6833 Mt6833p Mt6853 Mt6853t Mt6855 Mt6855t Mt6873 Mt6875 Mt6875t Mt6877 Mt6877t Mt6877tt Mt6880 Mt6883 Mt6885 Mt6889 Mt6890 Mt6891 Mt6893 Mt8791t

Advisories

No advisories yet.

Fixes

Solution

No solution given by the vendor.

Workaround

No workaround given by the vendor.

References

Link	Providers
https://corp.mediatek.com/product-security-bulletin/December-2025

History

Tue, 02 Dec 2025 12:30:00 +0000

Type	Values Removed	Values Added
First Time appeared		Mediatek Mediatek mt2735 Mediatek mt6833 Mediatek mt6833p Mediatek mt6853 Mediatek mt6853t Mediatek mt6855 Mediatek mt6855t Mediatek mt6873 Mediatek mt6875 Mediatek mt6875t Mediatek mt6877 Mediatek mt6877t Mediatek mt6877tt Mediatek mt6880 Mediatek mt6883 Mediatek mt6885 Mediatek mt6889 Mediatek mt6890 Mediatek mt6891 Mediatek mt6893 Mediatek mt8791t
Vendors & Products		Mediatek Mediatek mt2735 Mediatek mt6833 Mediatek mt6833p Mediatek mt6853 Mediatek mt6853t Mediatek mt6855 Mediatek mt6855t Mediatek mt6873 Mediatek mt6875 Mediatek mt6875t Mediatek mt6877 Mediatek mt6877t Mediatek mt6877tt Mediatek mt6880 Mediatek mt6883 Mediatek mt6885 Mediatek mt6889 Mediatek mt6890 Mediatek mt6891 Mediatek mt6893 Mediatek mt8791t

Tue, 02 Dec 2025 03:15:00 +0000

Type	Values Removed	Values Added
Description		In Modem, there is a possible system crash due to improper input validation. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01717526; Issue ID: MSV-5591.
Weaknesses		CWE-617
References		https://corp.mediatek.com/product-security-bulletin/December-2025

MITRE

Status: PUBLISHED

Assigner: MediaTek

Published: 2025-12-02T02:34:02.269Z

Updated: 2025-12-02T02:34:02.269Z

Reserved: 2024-11-01T01:21:50.402Z

Link: CVE-2025-20792

Vulnrichment

No data.

NVD

Status : Received

Published: 2025-12-02T03:16:20.193

Modified: 2025-12-02T03:16:20.193

Link: CVE-2025-20792

Redhat

No data.

OpenCVE Enrichment

Updated: 2025-12-02T11:58:16Z

Metrics

Affected Vendors & Products

Metrics

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object

JSON object