BT Firmware Uncaught Exception Remote DoS
CVE-2025-20695 Published on July 8, 2025

In Bluetooth FW, there is a possible system crash due to an uncaught exception. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS09741871; Issue ID: MSV-3317.

NVD

Vulnerability Analysis

Attack Vector:
ADJACENT_NETWORK
Attack Complexity:
LOW
Privileges Required:
NONE
User Interaction:
NONE
Scope:
UNCHANGED
Confidentiality Impact:
NONE
Integrity Impact:
NONE
Availability Impact:
HIGH

Weakness Type

What is a buffer underrun Vulnerability?

The software writes to a buffer using an index or pointer that references a memory location prior to the beginning of the buffer. This typically occurs when a pointer or its index is decremented to a position before the buffer, when pointer arithmetic results in a position before the beginning of the valid memory location, or when a negative index is used.

CVE-2025-20695 has been classified to as a buffer underrun vulnerability or weakness.


Products Associated with CVE-2025-20695

You can be notified by email with stack.watch whenever vulnerabilities like CVE-2025-20695 are published in these products:

MediaTek Software Development Kit
 
Google Android
 
Openwrt
 

Affected Versions

MediaTek, Inc. MT6639, MT6653, MT6985, MT6989, MT6990, MT6991, MT7925, MT7927, MT8196, MT8678, MT8796 Version Android 13.0, 14.0, 15.0 / SDK release 3.7 and before / openWRT 21.02, 23.05 is affected by CVE-2025-20695

Exploit Probability

EPSS
0.05%
Percentile
13.55%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.