Auto-Update: 2025-09-01T08:00:15.203283+00:00

Author: cad-safe-bot

CVE-2024/CVE-2024-139xx/CVE-2024-13987.json

@@ -2,20 +2,20 @@
   "id": "CVE-2024-13987",
   "sourceIdentifier": "security@synology.com",
   "published": "2025-08-29T08:15:31.050",
-  "lastModified": "2025-08-29T16:24:29.730",
+  "lastModified": "2025-09-01T02:15:40.770",
   "vulnStatus": "Awaiting Analysis",
   "cveTags": [],
   "descriptions": [
     {
       "lang": "en",
-      "value": "Improper neutralization of input during web page generation ('Cross-site Scripting') vulnerability in Synology RADIUS Server before 3.0.27-0139 allows remote authenticated users with administrator privileges to read or write limited files in SRM and conduct limited denial-of-service via unspecified vectors."
+      "value": "Improper neutralization of input during web page generation ('Cross-site Scripting') vulnerability in Synology RADIUS Server allows remote authenticated users with administrator privileges to read or write limited files in SRM and conduct limited denial-of-service via unspecified vectors."
     }
   ],
   "metrics": {
     "cvssMetricV31": [
       {
         "source": "security@synology.com",
-        "type": "Primary",
+        "type": "Secondary",
         "cvssData": {
           "version": "3.1",
           "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:L",
@@ -38,7 +38,7 @@
   "weaknesses": [
     {
       "source": "security@synology.com",
-      "type": "Primary",
+      "type": "Secondary",
       "description": [
         {
           "lang": "en",

CVE-2025/CVE-2025-207xx/CVE-2025-20703.json

@@ -0,0 +1,33 @@
+{
+  "id": "CVE-2025-20703",
+  "sourceIdentifier": "security@mediatek.com",
+  "published": "2025-09-01T06:15:33.357",
+  "lastModified": "2025-09-01T06:15:33.357",
+  "vulnStatus": "Received",
+  "cveTags": [],
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "In Modem, there is a possible out of bounds read due to an incorrect bounds check. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01599794; Issue ID: MSV-3708."
+    }
+  ],
+  "metrics": {},
+  "weaknesses": [
+    {
+      "source": "security@mediatek.com",
+      "type": "Primary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-125"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://corp.mediatek.com/product-security-bulletin/September-2025",
+      "source": "security@mediatek.com"
+    }
+  ]
+}

CVE-2025/CVE-2025-207xx/CVE-2025-20704.json

@@ -0,0 +1,33 @@
+{
+  "id": "CVE-2025-20704",
+  "sourceIdentifier": "security@mediatek.com",
+  "published": "2025-09-01T06:15:34.630",
+  "lastModified": "2025-09-01T06:15:34.630",
+  "vulnStatus": "Received",
+  "cveTags": [],
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "In Modem, there is a possible out of bounds write due to a missing bounds check. This could lead to remote escalation of privilege, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: MOLY01516959; Issue ID: MSV-3502."
+    }
+  ],
+  "metrics": {},
+  "weaknesses": [
+    {
+      "source": "security@mediatek.com",
+      "type": "Primary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-787"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://corp.mediatek.com/product-security-bulletin/September-2025",
+      "source": "security@mediatek.com"
+    }
+  ]
+}

CVE-2025/CVE-2025-207xx/CVE-2025-20705.json

@@ -0,0 +1,33 @@
+{
+  "id": "CVE-2025-20705",
+  "sourceIdentifier": "security@mediatek.com",
+  "published": "2025-09-01T06:15:34.800",
+  "lastModified": "2025-09-01T06:15:34.800",
+  "vulnStatus": "Received",
+  "cveTags": [],
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "In monitor_hang, there is a possible memory corruption due to use after free. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS09989078; Issue ID: MSV-3964."
+    }
+  ],
+  "metrics": {},
+  "weaknesses": [
+    {
+      "source": "security@mediatek.com",
+      "type": "Primary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-416"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://corp.mediatek.com/product-security-bulletin/September-2025",
+      "source": "security@mediatek.com"
+    }
+  ]
+}

CVE-2025/CVE-2025-207xx/CVE-2025-20706.json

@@ -0,0 +1,33 @@
+{
+  "id": "CVE-2025-20706",
+  "sourceIdentifier": "security@mediatek.com",
+  "published": "2025-09-01T06:15:34.967",
+  "lastModified": "2025-09-01T06:15:34.967",
+  "vulnStatus": "Received",
+  "cveTags": [],
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "In mbrain, there is a possible memory corruption due to use after free. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS09924624; Issue ID: MSV-3826."
+    }
+  ],
+  "metrics": {},
+  "weaknesses": [
+    {
+      "source": "security@mediatek.com",
+      "type": "Primary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-416"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://corp.mediatek.com/product-security-bulletin/September-2025",
+      "source": "security@mediatek.com"
+    }
+  ]
+}

CVE-2025/CVE-2025-207xx/CVE-2025-20707.json

@@ -0,0 +1,33 @@
+{
+  "id": "CVE-2025-20707",
+  "sourceIdentifier": "security@mediatek.com",
+  "published": "2025-09-01T06:15:35.123",
+  "lastModified": "2025-09-01T06:15:35.123",
+  "vulnStatus": "Received",
+  "cveTags": [],
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "In geniezone, there is a possible memory corruption due to use after free. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS09924201; Issue ID: MSV-3820."
+    }
+  ],
+  "metrics": {},
+  "weaknesses": [
+    {
+      "source": "security@mediatek.com",
+      "type": "Primary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-416"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://corp.mediatek.com/product-security-bulletin/September-2025",
+      "source": "security@mediatek.com"
+    }
+  ]
+}

CVE-2025/CVE-2025-207xx/CVE-2025-20708.json

@@ -0,0 +1,33 @@
+{
+  "id": "CVE-2025-20708",
+  "sourceIdentifier": "security@mediatek.com",
+  "published": "2025-09-01T06:15:35.287",
+  "lastModified": "2025-09-01T06:15:35.287",
+  "vulnStatus": "Received",
+  "cveTags": [],
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "In Modem, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote escalation of privilege, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01123853; Issue ID: MSV-4131."
+    }
+  ],
+  "metrics": {},
+  "weaknesses": [
+    {
+      "source": "security@mediatek.com",
+      "type": "Primary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-787"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://corp.mediatek.com/product-security-bulletin/September-2025",
+      "source": "security@mediatek.com"
+    }
+  ]
+}

CVE-2025/CVE-2025-548xx/CVE-2025-54857.json

@@ -0,0 +1,104 @@
+{
+  "id": "CVE-2025-54857",
+  "sourceIdentifier": "vultures@jpcert.or.jp",
+  "published": "2025-09-01T06:15:35.453",
+  "lastModified": "2025-09-01T06:15:35.453",
+  "vulnStatus": "Received",
+  "cveTags": [],
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "Improper neutralization of special elements used in an OS command ('OS Command Injection') issue exists in SkyBridge BASIC MB-A130 Ver.1.5.8 and earlier. If exploited, a remote unauthenticated attacker may execute arbitrary OS commands with root privileges."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV40": [
+      {
+        "source": "vultures@jpcert.or.jp",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "4.0",
+          "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
+          "baseScore": 9.3,
+          "baseSeverity": "CRITICAL",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "attackRequirements": "NONE",
+          "privilegesRequired": "NONE",
+          "userInteraction": "NONE",
+          "vulnConfidentialityImpact": "HIGH",
+          "vulnIntegrityImpact": "HIGH",
+          "vulnAvailabilityImpact": "HIGH",
+          "subConfidentialityImpact": "NONE",
+          "subIntegrityImpact": "NONE",
+          "subAvailabilityImpact": "NONE",
+          "exploitMaturity": "NOT_DEFINED",
+          "confidentialityRequirement": "NOT_DEFINED",
+          "integrityRequirement": "NOT_DEFINED",
+          "availabilityRequirement": "NOT_DEFINED",
+          "modifiedAttackVector": "NOT_DEFINED",
+          "modifiedAttackComplexity": "NOT_DEFINED",
+          "modifiedAttackRequirements": "NOT_DEFINED",
+          "modifiedPrivilegesRequired": "NOT_DEFINED",
+          "modifiedUserInteraction": "NOT_DEFINED",
+          "modifiedVulnConfidentialityImpact": "NOT_DEFINED",
+          "modifiedVulnIntegrityImpact": "NOT_DEFINED",
+          "modifiedVulnAvailabilityImpact": "NOT_DEFINED",
+          "modifiedSubConfidentialityImpact": "NOT_DEFINED",
+          "modifiedSubIntegrityImpact": "NOT_DEFINED",
+          "modifiedSubAvailabilityImpact": "NOT_DEFINED",
+          "Safety": "NOT_DEFINED",
+          "Automatable": "NOT_DEFINED",
+          "Recovery": "NOT_DEFINED",
+          "valueDensity": "NOT_DEFINED",
+          "vulnerabilityResponseEffort": "NOT_DEFINED",
+          "providerUrgency": "NOT_DEFINED"
+        }
+      }
+    ],
+    "cvssMetricV30": [
+      {
+        "source": "vultures@jpcert.or.jp",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "3.0",
+          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
+          "baseScore": 9.8,
+          "baseSeverity": "CRITICAL",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "NONE",
+          "userInteraction": "NONE",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "HIGH",
+          "integrityImpact": "HIGH",
+          "availabilityImpact": "HIGH"
+        },
+        "exploitabilityScore": 3.9,
+        "impactScore": 5.9
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "vultures@jpcert.or.jp",
+      "type": "Primary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-78"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://jvn.jp/en/jp/JVN22016482/",
+      "source": "vultures@jpcert.or.jp"
+    },
+    {
+      "url": "https://www.seiko-sol.co.jp/archives/90289/",
+      "source": "vultures@jpcert.or.jp"
+    }
+  ]
+}