What is the severity of CVE-2025-20666?

The severity of CVE-2025-20666 is high due to its potential to cause a remote denial of service.

How do I fix CVE-2025-20666?

To fix CVE-2025-20666, users must apply the appropriate security patches provided by MediaTek.

What systems are affected by CVE-2025-20666?

CVE-2025-20666 affects devices running Mediatek LR15, specifically when connected to untrusted base stations.

What kind of attack is possible with CVE-2025-20666?

CVE-2025-20666 can be exploited by an attacker connecting a rogue base station, causing a system crash.

Is user interaction required to exploit CVE-2025-20666?

No, user interaction is not needed for exploiting CVE-2025-20666.

Vulnerability/
CVE-2025-20666

high

7.5

CWE

617

5/5/2025

6/5/2025

CVE-2025-20666

First published: Mon May 05 2025(Updated: )

In Modem, there is a possible system crash due to an uncaught exception. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY00650610; Issue ID: MSV-2933.

Credit: security@mediatek.com

Affected Software	Affected Version	How to fix
All of
Mediatek LR15
Any of
MediaTek MT2735
MediaTek MT6833
MediaTek MT6833
MediaTek MT6853
MediaTek MT6853T
MediaTek MT6855
MediaTek MT6855T
MediaTek MT6873
MediaTek MT6875T
MediaTek MT6875T
MediaTek MT6877
MediaTek MT6877T
Mediatek Mt6877tt
MediaTek MT6880
MediaTek MT6883
MediaTek MT6885
MediaTek MT6889
MediaTek MT6890
MediaTek MT6891
MediaTek MT6893
MediaTek MT8666
MediaTek MT8667
MediaTek MT8673
MediaTek MT8675
MediaTek MT8771
MediaTek MT8791 WiFi
MediaTek MT8791T
MediaTek MT8795T
MediaTek MT8797 WiFi
MediaTek MT8798

Never miss a vulnerability like this again

Reference Links

https://corp.mediatek.com/product-security-bulletin/May-2025

Frequently Asked Questions

What is the severity of CVE-2025-20666?
The severity of CVE-2025-20666 is high due to its potential to cause a remote denial of service.
How do I fix CVE-2025-20666?
To fix CVE-2025-20666, users must apply the appropriate security patches provided by MediaTek.
What systems are affected by CVE-2025-20666?
CVE-2025-20666 affects devices running Mediatek LR15, specifically when connected to untrusted base stations.
What kind of attack is possible with CVE-2025-20666?
CVE-2025-20666 can be exploited by an attacker connecting a rogue base station, causing a system crash.
Is user interaction required to exploit CVE-2025-20666?
No, user interaction is not needed for exploiting CVE-2025-20666.

Frequently Asked Questions

What is the severity of CVE-2025-20666?
The severity of CVE-2025-20666 is high due to its potential to cause a remote denial of service.
How do I fix CVE-2025-20666?
To fix CVE-2025-20666, users must apply the appropriate security patches provided by MediaTek.
What systems are affected by CVE-2025-20666?
CVE-2025-20666 affects devices running Mediatek LR15, specifically when connected to untrusted base stations.
What kind of attack is possible with CVE-2025-20666?
CVE-2025-20666 can be exploited by an attacker connecting a rogue base station, causing a system crash.
Is user interaction required to exploit CVE-2025-20666?
No, user interaction is not needed for exploiting CVE-2025-20666.

CVE-2025-20666

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2025-20666?

How do I fix CVE-2025-20666?

What systems are affected by CVE-2025-20666?

What kind of attack is possible with CVE-2025-20666?

Is user interaction required to exploit CVE-2025-20666?

Company

Resources

Contact

Frequently Asked Questions

What is the severity of CVE-2025-20666?

How do I fix CVE-2025-20666?

What systems are affected by CVE-2025-20666?

What kind of attack is possible with CVE-2025-20666?

Is user interaction required to exploit CVE-2025-20666?