{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-27T10:13:16.400","vulnerabilities":[{"cve":{"id":"CVE-2025-20701","sourceIdentifier":"security@mediatek.com","published":"2025-08-04T07:15:28.027","lastModified":"2026-06-21T09:16:24.777","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"In the Airoha Bluetooth audio SDK, there is a possible way to pair Bluetooth audio device without user consent. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation."},{"lang":"es","value":"En Airoha Bluetooth audio SDK, existe una forma de emparejar un dispositivo de audio Bluetooth sin el consentimiento del usuario. Esto podría conllevar una escalada remota de privilegios sin necesidad de permisos de ejecución adicionales. No se requiere la interacción del usuario para la explotación."}],"affected":[{"source":"security@mediatek.com","affectedData":[{"vendor":"Airoha Technology Corp.","product":"AB156x, AB157x, AB158x, AB159x series","versions":[{"version":"Airoha IoT SDK for BT audio v5.5.0 and earlier","status":"affected"},{"version":"Airoha AB1561x/AB1562x/AB1563x SDK v3.3.1 and earlier","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"ADJACENT_NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-08-05T03:56:10.880579Z","id":"CVE-2025-20701","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security@mediatek.com","type":"Secondary","description":[{"lang":"en","value":"CWE-863"}]}],"references":[{"url":"https://www.airoha.com/product-security-bulletin/2025","source":"security@mediatek.com"},{"url":"http://seclists.org/fulldisclosure/2026/Jun/18","source":"af854a3a-2127-422b-91ae-364da2661108"}]}}]}