CVE-2025-20637
First published: Mon Feb 03 2025(Updated: )
In network HW, there is a possible system hang due to an uncaught exception. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00399035; Issue ID: MSV-2380.
Credit: security@mediatek.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| All of | ||
| MediaTek Software Development Kit | <=7.6.7.0 | |
| Any of | ||
| MediaTek MT7981 Firmware | ||
| MediaTek MT7986 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the severity of CVE-2025-20637?
CVE-2025-20637 is classified as a critical vulnerability due to its potential for remote denial of service.
How do I fix CVE-2025-20637?
To fix CVE-2025-20637, apply the patch identified as WCNCR00399035.
What are the affected versions for CVE-2025-20637?
CVE-2025-20637 affects the MediaTek Software Development Kit versions up to and including 7.6.7.0.
Does CVE-2025-20637 require user interaction for exploitation?
No, CVE-2025-20637 does not require user interaction for exploitation.
What can be the impact of exploiting CVE-2025-20637?
The exploitation of CVE-2025-20637 can lead to a system hang, causing a denial of service remotely.
- collector/mitre-cve
- source/MITRE
- agent/references
- agent/first-publish-date
- agent/type
- agent/description
- agent/author
- agent/source
- agent/event
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- agent/severity
- agent/weakness
- agent/last-modified-date
- agent/softwarecombine
- agent/tags
- vendor/mediatek
- canonical/mediatek software development kit
- version/mediatek software development kit/7.6.7.0
- canonical/mediatek mt7981 firmware
- canonical/mediatek mt7986