VYPR

Modem

by Mediatek

CVEs (15)

  • CVE-2025-20634CriFeb 3, 2025
    risk 0.64cvss 9.8epss 0.01

    In Modem, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for…

  • CVE-2025-20667HigMay 5, 2025
    risk 0.49cvss 7.5epss 0.00

    In Modem, there is a possible information disclosure due to incorrect error handling. This could lead to remote information disclosure, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is…

  • CVE-2025-20666HigMay 5, 2025
    risk 0.49cvss 7.5epss 0.01

    In Modem, there is a possible system crash due to an uncaught exception. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for…

  • CVE-2024-52924HigMar 6, 2025
    risk 0.49cvss 7.5epss 0.00

    An issue was discovered in NRMM in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 9820, 9825, 980, 990, 850, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 2400, 9110, W920, W930, W1000, Modem 5123, Modem 5300, and Modem 5400. Lack of boundary check during the…

  • CVE-2024-20077HigJul 1, 2024
    risk 0.49cvss 7.5epss 0.01

    In Modem, there is a possible system crash due to incorrect error handling. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01297807; Issue ID: MSV-1482.

  • CVE-2026-20431MedApr 7, 2026
    risk 0.42cvss 6.5epss 0.00

    In Modem, there is a possible system crash due to a logic error. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for…

  • CVE-2025-20659MedApr 7, 2025
    risk 0.42cvss 6.5epss 0.00

    In Modem, there is a possible system crash due to improper input validation. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for…

  • CVE-2025-20647MedMar 3, 2025
    risk 0.42cvss 6.5epss 0.00

    In Modem, there is a possible system crash due to a missing bounds check. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for…

  • CVE-2025-20644MedMar 3, 2025
    risk 0.42cvss 6.5epss 0.00

    In Modem, there is a possible memory corruption due to incorrect error handling. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed…

  • CVE-2025-20670MedMay 5, 2025
    risk 0.37cvss 5.7epss 0.00

    In Modem, there is a possible permission bypass due to improper certificate validation. This could lead to remote information disclosure, if a UE has connected to a rogue base station controlled by the attacker, with User execution privileges needed. User interaction is needed…

  • CVE-2024-45185MedNov 4, 2024
    risk 0.33cvss 5.1epss 0.00

    An issue was discovered in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 9820, 9825, 980, 990, 850, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 2400, 9110, W920, W930, Modem 5123, Modem 5300. There is an out-of-bounds write due to a heap overflow in the GPRS…

  • CVE-2024-48883MedJan 13, 2025
    risk 0.28cvss 4.3epss 0.00

    An issue was discovered in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 9820, 9825, 980, 990, 850, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 2400, 9110, W920, W930, W1000, Modem 5123, and Modem 5300. The UE incorrectly handles a malformed uplink scheduling…

  • CVE-2025-20762Jan 6, 2026
    risk 0.00cvss epss 0.00

    In Modem, there is a possible system crash due to incorrect error handling. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for…

  • CVE-2025-20791Dec 2, 2025
    risk 0.00cvss epss 0.00

    In Modem, there is a possible system crash due to incorrect error handling. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for…

  • CVE-2025-20726Nov 4, 2025
    risk 0.00cvss epss 0.00

    In Modem, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote escalation of privilege, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is…