CVE-2025-20644

HIGH Year: 2025
CVSS v3 Score
7.5
High
Weakness Type
CWE-1286
View all →

Vulnerability Description

In Modem, there is a possible memory corruption due to incorrect error handling. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01525673; Issue ID: MSV-2747.

Related Vulnerabilities

CVE-2021-31987

HIGH
CVSS:7.5(High)

A user controlled parameter related to SMTP test functionality is not correctly validated making it possible to bypass blocked network recipients.

CWE-12862021

CVE-2021-44695

HIGH
CVSS:7.5(High)

Affected devices don't process correctly certain special crafted packets sent to port 102/tcp, which could allow an attacker to cause a denial of service in the device.

CWE-12862021

CVE-2022-1941

HIGH
CVSS:7.5(High)

A parsing vulnerability for the MessageSet type in the ProtocolBuffers versions prior to and including 3.16.1, 3.17.3, 3.18.2, 3.19.4, 3.20.1 and 3.21.5 for protobuf-cpp, and versions prior to and inc...

CWE-12862022

CVE-2022-22192

HIGH
CVSS:7.5(High)

An Improper Validation of Syntactic Correctness of Input vulnerability in the kernel of Juniper Networks Junos OS Evolved on PTX series allows a network-based, unauthenticated attacker to cause a Deni...

CWE-12862022

CVE-2023-28985

HIGH
CVSS:7.5(High)

An Improper Validation of Syntactic Correctness of Input vulnerability in Intrusion Detection and Prevention (IDP) of Juniper Networks SRX Series and MX Series allows an unauthenticated, network-based...

CWE-12862023

CVE-2023-32649

HIGH
CVSS:7.5(High)

A Denial of Service (Dos) vulnerability in Nozomi Networks Guardian and CMC, due to improper input validation in certain fields used in the Asset Intelligence functionality of our IDS, allows an unaut...

CWE-12862023