CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2025-20649

In Bluetooth Stack SW, there is a possible information disclosure due to a missing permission check. This could lead to remote (proximal/adjacent) information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00396437; Issue ID: MSV-2184.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 8.1%

CVSS Severity

CVSS v3 Score 6.5

References

https://corp.mediatek.com/product-security-bulletin/March-2025

Products affected by CVE-2025-20649

Mediatek » Software Development Kit » Version: 2.4

cpe:2.3:a:mediatek:software_development_kit:2.4
Mediatek » Software Development Kit » Version: 2.5

cpe:2.3:a:mediatek:software_development_kit:2.5
Mediatek » Software Development Kit » Version: 3.3

cpe:2.3:a:mediatek:software_development_kit:3.3
Mediatek » Software Development Kit » Version: 3.5

cpe:2.3:a:mediatek:software_development_kit:3.5
Mediatek » Software Development Kit » Version: 3.6

cpe:2.3:a:mediatek:software_development_kit:3.6
Mediatek » Mt6880 » Version: N/A

cpe:2.3:h:mediatek:mt6880:-
Mediatek » Mt6890 » Version: N/A

cpe:2.3:h:mediatek:mt6890:-
Mediatek » Mt6980 » Version: N/A

cpe:2.3:h:mediatek:mt6980:-
Mediatek » Mt6990 » Version: N/A

cpe:2.3:h:mediatek:mt6990:-
Mediatek » Mt7663 » Version: N/A

cpe:2.3:h:mediatek:mt7663:-
Mediatek » Mt7902 » Version: N/A

cpe:2.3:h:mediatek:mt7902:-
Mediatek » Mt7925 » Version: N/A

cpe:2.3:h:mediatek:mt7925:-
Mediatek » Mt7927 » Version: N/A

cpe:2.3:h:mediatek:mt7927:-
Mediatek » Mt7961 » Version: N/A

cpe:2.3:h:mediatek:mt7961:-
Openwrt » Openwrt » Version: 23.05

cpe:2.3:o:openwrt:openwrt:23.05

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2025-20649

Products

Pricing

Contact Us