MediaTek Nr17r
Don't miss out!
Thousands of developers use stack.watch to stay informed.Get an email whenever new security vulnerabilities are reported in MediaTek Nr17r.
By the Year
In 2026 there have been 0 vulnerabilities in MediaTek Nr17r. Last year, in 2025 Nr17r had 4 security vulnerabilities published. Right now, Nr17r is on track to have less security vulnerabilities in 2026 than it did last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2026 | 0 | 0.00 |
| 2025 | 4 | 6.88 |
It may take a day or so for new Nr17r vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally vulnerabilities may be tagged under a different product or component name.
Recent MediaTek Nr17r Security Vulnerabilities
IMS Service Crash Vulnerability Allows Remote DoS via Rogue Base Station
CVE-2025-20678
6.5 - Medium
- June 02, 2025
In ims service, there is a possible system crash due to incorrect error handling. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01394606; Issue ID: MSV-2739.
Stack Exhaustion
Modem Certificate Validation Bypass (CVE-2025-20670)
CVE-2025-20670
5.7 - Medium
- May 05, 2025
In Modem, there is a possible permission bypass due to improper certificate validation. This could lead to remote information disclosure, if a UE has connected to a rogue base station controlled by the attacker, with User execution privileges needed. User interaction is needed for exploitation. Patch ID: MOLY01334347; Issue ID: MSV-2772.
Improper Certificate Validation
Modem IE via error handling in rogue base station
CVE-2025-20667
6.5 - Medium
- May 05, 2025
In Modem, there is a possible information disclosure due to incorrect error handling. This could lead to remote information disclosure, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01513293; Issue ID: MSV-2741.
Inadequate Encryption Strength
Modem OOB Write RCE via Rogue Base Station (UE)
CVE-2025-20634
8.8 - High
- February 03, 2025
In Modem, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01289384; Issue ID: MSV-2436.
Memory Corruption
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for MediaTek Nr17r or by MediaTek? Click the Watch button to subscribe.
