Out of Bounds Read Vulnerability in MediaTek Products
CVE-2025-20651
4.1MEDIUM
Key Information:
- Vendor
- MediaTek
- Vendor
- CVE Published:
- 3 March 2025
Summary
An out of bounds read vulnerability exists in MediaTek devices due to a missing bounds check. This flaw may allow an attacker with physical access to the device to disclose sensitive information, while requiring user interaction for successful exploitation. It highlights the crucial need for secure device management practices to mitigate potential risks.
Affected Version(s)
MT2737, MT6781, MT6789, MT6835, MT6855, MT6878, MT6879, MT6880, MT6886, MT6890, MT6895, MT6897, MT6980, MT6983, MT6985, MT6989, MT6990, MT8370, MT8390, MT8676, MT8678 Android 13.0, 14.0, 15.0 / openWRT 21.02, 23.05 / Yocto 4.0 / RDK-B 22Q3, 24Q1
References
CVSS V3.1
Score:
4.1
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
Low
Availability:
Low
Attack Vector:
Physical
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved