{"dataType":"CVE_RECORD","dataVersion":"5.1","cveMetadata":{"cveId":"CVE-2025-20637","assignerOrgId":"ee979b05-11f8-4f25-a7e0-a1fa9c190374","state":"PUBLISHED","assignerShortName":"MediaTek","dateReserved":"2024-11-01T01:21:50.363Z","datePublished":"2025-02-03T03:23:54.470Z","dateUpdated":"2025-03-17T14:51:18.493Z"},"containers":{"cna":{"providerMetadata":{"orgId":"ee979b05-11f8-4f25-a7e0-a1fa9c190374","shortName":"MediaTek","dateUpdated":"2025-02-03T03:23:54.470Z"},"descriptions":[{"lang":"en","value":"In network HW, there is a possible system hang due to an uncaught exception. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00399035; Issue ID: MSV-2380."}],"affected":[{"vendor":"MediaTek, Inc.","product":"MT7981, MT7986","versions":[{"version":"SDK release 7.6.7.0 and before","status":"affected"}]}],"references":[{"url":"https://corp.mediatek.com/product-security-bulletin/February-2025"}],"problemTypes":[{"descriptions":[{"type":"CWE","lang":"en","cweId":"CWE-248","description":"CWE-248 Uncaught Exception"}]}]},"adp":[{"metrics":[{"cvssV3_1":{"scope":"UNCHANGED","version":"3.1","baseScore":7.5,"attackVector":"NETWORK","baseSeverity":"HIGH","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","integrityImpact":"NONE","userInteraction":"NONE","attackComplexity":"LOW","availabilityImpact":"HIGH","privilegesRequired":"NONE","confidentialityImpact":"NONE"}},{"other":{"type":"ssvc","content":{"timestamp":"2025-02-03T16:18:07.435333Z","id":"CVE-2025-20637","options":[{"Exploitation":"none"},{"Automatable":"yes"},{"Technical Impact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}}],"title":"CISA ADP Vulnrichment","providerMetadata":{"orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP","dateUpdated":"2025-03-17T14:51:18.493Z"}}]}}