CVE-2025-20958

Name of the Vulnerable Software and Affected Versions UnifiedWFC versions prior to SMR May-2025 Release 1

Description The issue is related to improper verification of intent by a broadcast receiver, allowing local attackers to manipulate VoWiFi related behaviors. This could potentially be exploited by attackers to alter the expected functionality of VoWiFi.

Recommendations For UnifiedWFC versions prior to SMR May-2025 Release 1, update to SMR May-2025 Release 1 or later to resolve the issue. As a temporary workaround, consider restricting access to the broadcast receiver to minimize the risk of exploitation.