CVE-2025-20637 — Uncaught Exception in Software Development KIT

CWE-248 — Uncaught Exception CWE-754 — Improper Check for Unusual or Exceptional Conditions3 documents3 sources

Severity

7.5HIGHNVD

EPSS

4.8%

top 10.49%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Mediatek Software Development KIT

Timeline

PublishedFeb 3

Description

In network HW, there is a possible system hang due to an uncaught exception. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00399035; Issue ID: MSV-2380.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:HExploitability: 3.9 | Impact: 3.6

Affected Packages1 packages

▶NVDmediatek/software_development_kit7.6.7.0

🔴Vulnerability Details

CVEList

CVE-2025-20637: In network HW, there is a possible system hang due to an uncaught exception↗2025-02-03

▶

GHSA

GHSA-qwc4-4mwx-cwrr: In network HW, there is a possible system hang due to an uncaught exception↗2025-02-03

▶