CVE-2025-20643

low

Description

In DA, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure, if an attacker has physical access to the device, if a malicious actor has already obtained the System privilege. User interaction is needed for exploitation. Patch ID: ALPS09291146; Issue ID: MSV-2056.

References

https://corp.mediatek.com/product-security-bulletin/February-2025

Details

Source: Mitre, NVD

Published: 2025-02-03

Updated: 2025-02-04

Risk Information

CVSS v2

Base Score: 4.3

Vector: CVSS2#AV:L/AC:L/Au:M/C:C/I:N/A:N

Severity: Medium

CVSS v3

Base Score: 3.9

Vector: CVSS:3.0/AV:P/AC:L/PR:H/UI:R/S:U/C:H/I:N/A:N

Severity: Low

Detections

Analytics