CVE-2025-20670 in MT2737informazioni

Riassunto

di MITRE • 05/05/2025

In Modem, there is a possible permission bypass due to improper certificate validation. This could lead to remote information disclosure, if a UE has connected to a rogue base station controlled by the attacker, with User execution privileges needed. User interaction is needed for exploitation. Patch ID: MOLY01334347; Issue ID: MSV-2772.

Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

Responsabile

MediaTek

Prenotare

01/11/2024

Divulgazione

05/05/2025

Moderazione

accettato

CPE

pronto

EPSS

0.00270

KEV

no

Attività

molto basso

Fonti

Interested in the pricing of exploits?

See the underground prices here!