CVE-2025-20687

Medium CVSS 5.5

Overview

In Bluetooth driver, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local denial of service with User execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00418045; Issue ID: MSV-3481.

CWE: CWE-125 Published: 2025-07-08T03:15:28.143

Risk analysis

This vulnerability is rated 🟡 MEDIUM.

CVSS: 5.5 (MEDIUM)
Detected tags: dos, oob_read (tag impact: LOW)

Recommended actions:

Rate limiting, resource quotas and circuit breakers.

Overview

Recommended tools

Tags