216.73.216.133

CVE-2025-20678

· Published 02/06/2025 03:15 · Modified 02/06/2025 17:32

Labels: CVE-2025-20678 2025-06-02CVE-2025-20678CWE-674[email protected]

Essential information

Published
02/06/2025 03:15
Modified
02/06/2025 17:32
Author
Creator
CVSS
7.5 HIGH (v3.1)
CISA KEV
No
CWE
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CVSS metrics

Description

In ims service, there is a possible system crash due to incorrect error handling. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01394606; Issue ID: MSV-2739.

NVD status

Status
Awaiting Analysis — CVE has been recently published to the CVE List and has been received by the NVD.
Source
[email protected]
NVD
View on NVD

Affected products (CPE)

ProductCPE
mediatek / ims cpe:2.3:a:mediatek:ims:*:*:*:*:*:*:*:*

References