CVE-2025-20667

In Modem, there is a possible information disclosure due to incorrect error handling. This could lead to remote information disclosure, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for...

CVE-2025-20671

In thermal, there is a possible out of bounds write due to a race condition. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS09698599; Issue ID: MSV-3228...

CVE-2025-20668

In scp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS09625562; Issue ID: MSV-3027...

CVE-2025-20670

In Modem, there is a possible permission bypass due to improper certificate validation. This could lead to remote information disclosure, if a UE has connected to a rogue base station controlled by the attacker, with User execution privileges needed. User interaction is needed for exploitation...

CVE-2025-20670

In Modem, there is a possible permission bypass due to improper certificate validation. This could lead to remote information disclosure, if a UE has connected to a rogue base station controlled by the attacker, with User execution privileges needed. User interaction is needed for exploitation...

CVE-2025-20668

CVE-2025-20668 affects OpenSSH scp; a missing bounds check allows an out-of-bounds write that could enable local privilege escalation without user interaction. Several sources (including PT-2025-19332 and NVD) describe the issue and cite Patch ID ALPS09625562 and Issue ID MSV-3027, but provided d...

CVE-2025-20668

In scp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS09625562; Issue ID: MSV-3027...

CVE-2025-20671

CVE-2025-20671 concerns MediaTek chipsets. The issue is an out-of-bounds write caused by a race condition in the thermal subsystem, enabling local escalation of privilege for an attacker already with System privileges. Exploitation reportedly does not require user interaction. A patch is listed (...

CVE-2025-20671

In thermal, there is a possible out of bounds write due to a race condition. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS09698599; Issue ID: MSV-3228...

CVE-2025-20666

CVE-2025-20666 affects MediaTek’s Modem component. The issue is an uncaught exception in Modem that can crash the system, enabling remote denial-of-service when a UE connects to a rogue base station; no user interaction or additional privileges are required. Patch MOLY00650610 (Issue MSV-2933) is...

CVE-2025-20666

In Modem, there is a possible system crash due to an uncaught exception. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID...

CVE-2025-20659

In Modem, there is a possible system crash due to improper input validation. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patc...

CVE-2025-20660

In PlayReady TA, there is a possible out of bounds read due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: DTV04436357; Issue ID: MSV-3186...

CVE-2025-20657

In vdec, there is a possible permission bypass due to improper input validation. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS09486425; Issue ID: MSV-2609...

CVE-2025-20658

In DA, there is a possible permission bypass due to a logic error. This could lead to local escalation of privilege, if an attacker has physical access to the device, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS09474894; Issue ID:...

CVE-2025-20663

In wlan AP driver, there is a possible information disclosure due to an uncaught exception. This could lead to remote proximal/adjacent information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00408868; Issue ID: MSV-30...

CVE-2025-20656

In DA, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege, if an attacker has physical access to the device, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS09625423...

CVE-2025-20661

In PlayReady TA, there is a possible out of bounds read due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: DTV04436357; Issue ID: MSV-3185...

CVE-2025-20663

In wlan AP driver, there is a possible information disclosure due to an uncaught exception. This could lead to remote proximal/adjacent information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00408868; Issue ID: MSV-30...

CVE-2025-20662

In PlayReady TA, there is a possible out of bounds read due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: DTV04428276; Issue ID: MSV-3184...