CVE-2025-20667
HIGHDescription
In Modem, there is a possible information disclosure due to incorrect error handling. This could lead to remote information disclosure, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01513293; Issue ID: MSV-2741.
Is your site exposed to CVE-2025-20667?
Run a free security scan — no signup, results in seconds.
CVSS v3.1 Score
Weakness Type (CWE)
Affected Products
| Vendor | Product |
|---|---|
| mediatek | lr12a |
| mediatek | lr13 |
| mediatek | nr15 |
| mediatek | nr16 |
| mediatek | nr17 |
| mediatek | nr17r |
| mediatek | mt2735 |
| mediatek | mt2737 |
| mediatek | mt6739 |
| mediatek | mt6761 |
| mediatek | mt6762 |
| mediatek | mt6762d |
| mediatek | mt6762m |
| mediatek | mt6763 |
| mediatek | mt6765 |
| mediatek | mt6765t |
| mediatek | mt6767 |
| mediatek | mt6768 |
| mediatek | mt6769 |
| mediatek | mt6769k |
| mediatek | mt6769s |
| mediatek | mt6769t |
| mediatek | mt6769z |
| mediatek | mt6771 |
| mediatek | mt6779 |
| mediatek | mt6781 |
| mediatek | mt6783 |
| mediatek | mt6785 |
| mediatek | mt6785t |
| mediatek | mt6785u |
| mediatek | mt6789 |
| mediatek | mt6813 |
| mediatek | mt6833 |
| mediatek | mt6833p |
| mediatek | mt6835 |
| mediatek | mt6835t |
| mediatek | mt6853 |
| mediatek | mt6853t |
| mediatek | mt6855 |
| mediatek | mt6855t |
| mediatek | mt6873 |
| mediatek | mt6875 |
| mediatek | mt6875t |
| mediatek | mt6877 |
| mediatek | mt6877t |
| mediatek | mt6877tt |
| mediatek | mt6878 |
| mediatek | mt6878m |
| mediatek | mt6879 |
| mediatek | mt6880 |
| mediatek | mt6883 |
| mediatek | mt6885 |
| mediatek | mt6886 |
| mediatek | mt6889 |
| mediatek | mt6890 |
| mediatek | mt6891 |
| mediatek | mt6893 |
| mediatek | mt6895 |
| mediatek | mt6895tt |
| mediatek | mt6896 |
| mediatek | mt6897 |
| mediatek | mt6899 |
| mediatek | mt6980 |
| mediatek | mt6980d |
| mediatek | mt6983 |
| mediatek | mt6983t |
| mediatek | mt6985 |
| mediatek | mt6985t |
| mediatek | mt6989 |
| mediatek | mt6989t |
| mediatek | mt6990 |
| mediatek | mt6991 |
| mediatek | mt8666 |
| mediatek | mt8667 |
| mediatek | mt8675 |
| mediatek | mt8676 |
| mediatek | mt8765 |
| mediatek | mt8766 |
| mediatek | mt8768 |
| mediatek | mt8771 |
| mediatek | mt8781 |
| mediatek | mt8786 |
| mediatek | mt8788 |
| mediatek | mt8788e |
| mediatek | mt8789 |
| mediatek | mt8791 |
| mediatek | mt8791t |
| mediatek | mt8797 |
References
Advisories & Patches
Frequently Asked Questions
What is CVE-2025-20667? +
How severe is CVE-2025-20667? +
What products are affected by CVE-2025-20667? +
How do I check if I'm vulnerable to CVE-2025-20667? +
Related Vulnerabilities
A vulnerability exists in Algo Edge up to 2.1.1 - a previously used (legacy) component of navify® Algorithm Suite. The …
Programs/P73_SimplePythonEncryption.py illustrates a simple Python encryption example using the RSA Algorithm. In versions prior to commit 6ce60b1, an attacker may …
Inadequate Encryption Strength vulnerability allow an authenticated attacker to execute arbitrary OS Commands via encrypted package upload.This issue affects Envoy: …
The use of a weak cryptographic key pair in the signature verification process in WPS Office (Kingsoft) on Windows allows …
Note Mark is an open-source note-taking application. Prior to 0.19.4, no minimum length or entropy is enforced on the JWT_SECRET …
Non-Compliant TLS Configuration.This issue affects BLU-IC2: through 1.19.5; BLU-IC4: through 1.19.5 .