← volver
CVE-2025-20705

CVE-2025-20705

CVSS 7.8 HIGHEPSS 0.1%CWE-416
Vexday Risk Score
21Bajo
Decisión SSVC (CISA)
Track
Sin señal de explotación → monitorear
CVSS 7.8EPSS 0.1%KEV nãoPoC Nuclei Metasploit Patch
Ciclo de vida
01 sep 2025Publicada en NVD
Recomendación: Monitorear — sin señal de explotación por ahora.
In monitor_hang, there is a possible memory corruption due to use after free. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS09989078; Issue ID: MSV-3964.
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Productos afectados
MediaTek, Inc. · MT2718, MT2735, MT6739, MT6761, MT6765, MT6768, MT6781, MT6789, MT6835, MT6853, MT6855, MT6877, MT6878, MT6879, MT6880, MT6883, MT6885, MT6886, MT6889, MT6890, MT6893, MT6895, MT6897, MT6899, MT6980D, MT6983, MT6985, MT6989, MT6990, MT6991, MT8169, MT8186, MT8188, MT8676, MT8678, MT8696, MT8775, MT8792, MT8796

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
https://corp.mediatek.com/product-security-bulletin/September-2025