Out of Bounds Read Vulnerability in MediaTek Devices
CVE-2025-20653

6.5MEDIUM

Summary

An out of bounds read vulnerability has been identified in MediaTek devices due to an integer overflow. This security flaw could potentially allow an attacker with physical access to the device to disclose sensitive information stored locally, without requiring any special execution privileges. User interaction is necessary for the exploitation of this vulnerability. Users are advised to apply the related patches as detailed in the MediaTek product security bulletin to mitigate the risks associated with this vulnerability.

Affected Version(s)

MT6781, MT6789, MT6835, MT6855, MT6878, MT6879, MT6886, MT6895, MT6897, MT6983, MT6985, MT6989, MT8370, MT8390 Android 13.0, 14.0, 15.0

References

CVSS V3.1

Score:
6.5
Severity:
MEDIUM
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
High
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.