Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In April 2025
CVE-2025-20663
In wlan AP driver, there is a possible information disclosure due to an uncaught exception. This could lead to remote (proximal/adjacent) information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00408868; Issue ID: MSV-3031.
CVSS Score
7.5
EPSS Score
0.003
Published
2025-04-07
CVE-2025-20664
In wlan AP driver, there is a possible information disclosure due to an uncaught exception. This could lead to remote (proximal/adjacent) information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00406217; Issue ID: MSV-2773.
CVSS Score
7.5
EPSS Score
0.003
Published
2025-04-07
CVE-2025-31170
Access control vulnerability in the security verification module Impact: Successful exploitation of this vulnerability will affect integrity and confidentiality.
CVSS Score
8.4
EPSS Score
0.001
Published
2025-04-07
CVE-2025-31171
File read permission bypass vulnerability in the kernel file system module Impact: Successful exploitation of this vulnerability may affect service confidentiality.
CVSS Score
6.8
EPSS Score
0.0
Published
2025-04-07
CVE-2025-31172
Memory write permission bypass vulnerability in the kernel futex module Impact: Successful exploitation of this vulnerability may affect service confidentiality.
CVSS Score
7.8
EPSS Score
0.0
Published
2025-04-07
CVE-2024-58127
Access control vulnerability in the security verification module Impact: Successful exploitation of this vulnerability will affect integrity and confidentiality.
CVSS Score
8.4
EPSS Score
0.001
Published
2025-04-07
CVE-2025-20654
In wlan service, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00406897; Issue ID: MSV-2875.
CVSS Score
9.8
EPSS Score
0.014
Published
2025-04-07
CVE-2025-20655
In keymaster, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: DTV04427687; Issue ID: MSV-3183.
CVSS Score
5.3
EPSS Score
0.0
Published
2025-04-07
CVE-2025-20656
In DA, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege, if an attacker has physical access to the device, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS09625423; Issue ID: MSV-3033.
CVSS Score
6.8
EPSS Score
0.0
Published
2025-04-07
CVE-2025-20657
In vdec, there is a possible permission bypass due to improper input validation. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS09486425; Issue ID: MSV-2609.
CVSS Score
6.7
EPSS Score
0.0
Published
2025-04-07


Products
Pricing
Contact Us

Shodan ® - All rights reserved