CVE-2025-20695

In Bluetooth FW, there is a possible system crash due to an uncaught exception. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS09741871; Issue ID: MSV-3317.
References
Configurations

Configuration 1 (hide)

AND
OR cpe:2.3:a:mediatek:software_development_kit:*:*:*:*:*:*:*:*
cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*
cpe:2.3:o:google:android:14.0:*:*:*:*:*:*:*
cpe:2.3:o:google:android:15.0:*:*:*:*:*:*:*
cpe:2.3:o:openwrt:openwrt:21.02.0:-:*:*:*:*:*:*
cpe:2.3:o:openwrt:openwrt:23.05:*:*:*:*:*:*:*
OR cpe:2.3:h:mediatek:mt6639:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6653:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6985:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6989:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6990:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6991:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt7925:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt7927:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt8196:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt8678:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt8796:-:*:*:*:*:*:*:*

History

09 Jul 2025, 17:22

Type Values Removed Values Added
First Time Mediatek software Development Kit
Mediatek mt8196
Google
Openwrt
Mediatek
Mediatek mt7925
Mediatek mt8796
Mediatek mt8678
Mediatek mt6985
Mediatek mt6639
Mediatek mt6989
Mediatek mt6653
Mediatek mt6990
Openwrt openwrt
Mediatek mt7927
Mediatek mt6991
Google android
References () https://corp.mediatek.com/product-security-bulletin/July-2025 - () https://corp.mediatek.com/product-security-bulletin/July-2025 - Vendor Advisory
CPE cpe:2.3:o:google:android:14.0:*:*:*:*:*:*:*
cpe:2.3:o:google:android:15.0:*:*:*:*:*:*:*
cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6639:-:*:*:*:*:*:*:*
cpe:2.3:o:openwrt:openwrt:23.05:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt8796:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6989:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6991:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6985:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6653:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt8678:-:*:*:*:*:*:*:*
cpe:2.3:o:openwrt:openwrt:21.02.0:-:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt7925:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt7927:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6990:-:*:*:*:*:*:*:*
cpe:2.3:a:mediatek:software_development_kit:*:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt8196:-:*:*:*:*:*:*:*
CWE CWE-787

08 Jul 2025, 14:15

Type Values Removed Values Added
Summary
  • (es) En el firmware de Bluetooth, existe un posible fallo del sistema debido a una excepción no detectada. Esto podría provocar una denegación de servicio remota sin necesidad de privilegios de ejecución adicionales. No se requiere la interacción del usuario para su explotación. ID de parche: ALPS09741871; ID de problema: MSV-3317.
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 7.5

08 Jul 2025, 03:15

Type Values Removed Values Added
New CVE

Information

Published : 2025-07-08 03:15

Updated : 2025-07-09 17:22


NVD link : CVE-2025-20695

Mitre link : CVE-2025-20695

CVE.ORG link : CVE-2025-20695


JSON object : View

Products Affected

mediatek

  • software_development_kit
  • mt6990
  • mt6985
  • mt8796
  • mt8196
  • mt6991
  • mt6653
  • mt8678
  • mt7927
  • mt6639
  • mt6989
  • mt7925

openwrt

  • openwrt

google

  • android
CWE
CWE-124

Buffer Underwrite ('Buffer Underflow')

CWE-787

Out-of-bounds Write