PT-2025-23454 · Mediatek · Mediatek Chip Ims Service
Published
2025-06-02
·
Updated
2026-02-17
·
CVE-2025-20678
CVSS v3.1
6.5
Medium
| Vector | AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
Name of the Vulnerable Software and Affected Versions
MediaTek chip IMS service (affected versions not specified)
Description
The issue is related to incorrect error handling in the ims service, which could lead to a system crash and result in a remote denial of service. This can occur if a UE connects to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not required for exploitation.
Recommendations
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
DoS
Uncontrolled Recursion
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Mediatek Chip Ims Service