CVE-2025-20727

High

Published: 04 November 2025

Published

04 November 2025

Modified

04 February 2026

KEV Added

—

Patch

—

CVSS Score 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

EPSS Score 0.0018 38.6th percentile

Risk Priority 16 60% EPSS · 20% KEV · 20% CVSS

Description

Adversaries may exploit software vulnerabilities in an attempt to elevate privileges.

Security Summary

CVE-2025-20727 is a heap buffer overflow vulnerability in the Modem component, resulting in an out-of-bounds write. It affects MediaTek products incorporating this modem software. Published on 2025-11-04T07:15:34.540, the issue is tracked under CWE-787 and carries a CVSS v3.1 base score of 8.1 (AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H).

The vulnerability can be exploited remotely by an attacker who controls a rogue base station. When user equipment (UE) connects to the rogue base station, the attacker can trigger the heap buffer overflow, leading to escalation of privilege. No additional execution privileges or user interaction are required.

MediaTek's November 2025 product security bulletin addresses the issue with Patch ID MOLY01672601 for Issue ID MSV-4623. Practitioners should consult https://corp.mediatek.com/product-security-bulletin/November-2025 for mitigation guidance and patch deployment details.

Details

CWE(s): CWE-787

Affected Products

mediatek

lr12a

all versions

mediatek

nr15

all versions

mediatek

nr16

all versions

mediatek

nr17

all versions

mediatek

nr17r

all versions

MITRE ATT&CK Enterprise Techniques

T1068 Exploitation for Privilege Escalation Privilege Escalation

Adversaries may exploit software vulnerabilities in an attempt to elevate privileges.

attack.mitre.org →

Why these techniques?

Heap buffer overflow in modem exploited remotely via rogue base station, directly leading to privilege escalation.

Confidence: HIGH · MITRE ATT&CK Enterprise v19.0

References

https://corp.mediatek.com/product-security-bulletin/November-2025
Vendor Advisory · security@mediatek.com