Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In November 2025
CVE-2025-20728
In wlan STA driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00447115; Issue ID: MSV-4276.
CVSS Score
7.8
EPSS Score
0.0
Published
2025-11-04
CVE-2025-20729
In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: WCNCR00441512; Issue ID: MSV-4153.
CVSS Score
4.2
EPSS Score
0.0
Published
2025-11-04
CVE-2025-20726
In Modem, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote escalation of privilege, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01672598; Issue ID: MSV-4622.
CVSS Score
7.5
EPSS Score
0.002
Published
2025-11-04
CVE-2025-20727
In Modem, there is a possible out of bounds write due to a heap buffer overflow. This could lead to remote escalation of privilege, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01672601; Issue ID: MSV-4623.
CVSS Score
8.1
EPSS Score
0.002
Published
2025-11-04
CVE-2025-20725
In ims service, there is a possible out of bounds write due to a missing bounds check. This could lead to remote escalation of privilege, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01671924; Issue ID: MSV-4620.
CVSS Score
7.5
EPSS Score
0.002
Published
2025-11-04
CVE-2025-47362
Information disclosure while processing message from client with invalid payload.
CVSS Score
6.1
EPSS Score
0.0
Published
2025-11-04
CVE-2025-47365
Memory corruption while processing large input data from a remote source via a communication interface.
CVSS Score
7.8
EPSS Score
0.0
Published
2025-11-04
CVE-2025-47367
Memory corruption while accessing a buffer during IOCTL processing.
CVSS Score
7.8
EPSS Score
0.0
Published
2025-11-04
CVE-2025-47368
Memory corruption when dereferencing an invalid userspace address in a user buffer during MCDM IOCTL processing.
CVSS Score
7.8
EPSS Score
0.0
Published
2025-11-04
CVE-2025-47370
Transient DOS when a remote device sends an invalid connection request during BT connectable LE scan.
CVSS Score
6.5
EPSS Score
0.0
Published
2025-11-04


Products
Pricing
Contact Us

Shodan ® - All rights reserved