Shodan
Vulnerabilities
Vulnerable Software
Mediatek:  >> Lr12a  Security Vulnerabilities
CVE-2025-20726
In Modem, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote escalation of privilege, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01672598; Issue ID: MSV-4622.
CVSS Score
7.5
EPSS Score
0.002
Published
2025-11-04
CVE-2025-20727
In Modem, there is a possible out of bounds write due to a heap buffer overflow. This could lead to remote escalation of privilege, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01672601; Issue ID: MSV-4623.
CVSS Score
7.5
EPSS Score
0.001
Published
2025-11-04
CVE-2025-20725
In ims service, there is a possible out of bounds write due to a missing bounds check. This could lead to remote escalation of privilege, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01671924; Issue ID: MSV-4620.
CVSS Score
7.5
EPSS Score
0.002
Published
2025-11-04
CVE-2025-20678
In ims service, there is a possible system crash due to incorrect error handling. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01394606; Issue ID: MSV-2739.
CVSS Score
7.5
EPSS Score
0.001
Published
2025-06-02
CVE-2025-20667
In Modem, there is a possible information disclosure due to incorrect error handling. This could lead to remote information disclosure, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01513293; Issue ID: MSV-2741.
CVSS Score
7.5
EPSS Score
0.001
Published
2025-05-05
CVE-2024-20150
In Modem, there is a possible system crash due to a logic error. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01412526; Issue ID: MSV-2018.
CVSS Score
7.5
EPSS Score
0.02
Published
2025-01-06
CVE-2024-20077
In Modem, there is a possible system crash due to incorrect error handling. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01297807; Issue ID: MSV-1482.
CVSS Score
7.5
EPSS Score
0.031
Published
2024-07-01
CVE-2024-20076
In Modem, there is a possible system crash due to incorrect error handling. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01297806; Issue ID: MSV-1481.
CVSS Score
7.5
EPSS Score
0.031
Published
2024-07-01
CVE-2024-20039
In modem protocol, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01240012; Issue ID: MSV-1215.
CVSS Score
8.8
EPSS Score
0.054
Published
2024-04-01
CVE-2023-32840
In modem CCCI, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction may be also needed for exploitation Patch ID: MOLY01138425; Issue ID: MOLY01138425 (MSV-862).
CVSS Score
6.5
EPSS Score
0.0
Published
2023-11-06


Products
Pricing
Contact Us

Shodan ® - All rights reserved