CVE-2025-20792

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2025-20792
In Modem, there is a possible system crash due to improper input validation. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01717526; Issue ID: MSV-5591.

5.3 /10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 1.6 / Impact : 3.6

Attack Vector NETWORK

Attack Complexity HIGH

Privileges Required LOW

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

References
Link Resource
https://corp.mediatek.com/product-security-bulletin/December-2025 Vendor Advisory
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:mediatek:nr15:-:*:*:*:*:*:*:*
OR cpe:2.3:h:mediatek:mt2735:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6833p:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6853t:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6855:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6855t:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6875:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6875t:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6877t:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6877tt:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6880:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6883:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6889:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6890:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6891:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt8791t:-:*:*:*:*:*:*:*
History

03 Dec 2025, 20:32

Type Values Removed Values Added
First Time Mediatek mt6885
Mediatek mt6875t
Mediatek nr15
Mediatek mt6877
Mediatek mt6893
Mediatek mt6853
Mediatek mt6855
Mediatek mt6883
Mediatek mt6853t
Mediatek mt6877tt
Mediatek mt6873
Mediatek mt6877t
Mediatek mt6891
Mediatek mt2735
Mediatek mt6833p
Mediatek mt6889
Mediatek mt6833
Mediatek mt8791t
Mediatek mt6880
Mediatek mt6890
Mediatek mt6875
Mediatek mt6855t
Mediatek
References () https://corp.mediatek.com/product-security-bulletin/December-2025 - () https://corp.mediatek.com/product-security-bulletin/December-2025 - Vendor Advisory
CPE cpe:2.3:h:mediatek:mt6855:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6875t:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6853t:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt8791t:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6855t:-:*:*:*:*:*:*:*
cpe:2.3:o:mediatek:nr15:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6891:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6877tt:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6833p:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6880:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt2735:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6890:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6875:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6883:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6877t:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6889:-:*:*:*:*:*:*:*

02 Dec 2025, 15:15

Type Values Removed Values Added
CVSS v2 : unknown
v3 : unknown 		v2 : unknown
v3 : 5.3

02 Dec 2025, 03:16

Type Values Removed Values Added
New CVE
Information

Published : 2025-12-02 03:16

Updated : 2025-12-03 20:32

NVD link : CVE-2025-20792

Mitre link : CVE-2025-20792

CVE.ORG link : CVE-2025-20792

JSON object : View

Products Affected

mediatek

  • mt6855
  • mt6880
  • mt6855t
  • mt6873
  • mt6875
  • mt6875t
  • mt6893
  • nr15
  • mt6833p
  • mt2735
  • mt6877t
  • mt8791t
  • mt6883
  • mt6877
  • mt6891
  • mt6833
  • mt6853
  • mt6890
  • mt6853t
  • mt6877tt
  • mt6885
  • mt6889
CWE
CWE-617

Reachable Assertion