CVE-2025-20635

Published Feb 3, 2025

Last updated 4 days ago

CVSS medium 6.6

Overview

Description: In V6 DA, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege, if an attacker has physical access to the device, with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS09403752; Issue ID: MSV-2434.
Source: security@mediatek.com
NVD status: Modified

Risk scores

CVSS 3.1

Type: Primary
Base score: 6.6
Impact score: 5.9
Exploitability score: 0.7
Vector string: CVSS:3.1/AV:P/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Severity: MEDIUM

Weaknesses

security@mediatek.com: CWE-787
nvd@nist.gov: CWE-787

Hype score: Not currently trending

CVE-2025-20635 In V6 DA, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege, if an attacker has physical access … https://t.co/LMTduo1QJV
@CVEnew
3 Feb 2025
563 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:linuxfoundation:yocto:4.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "437D8F9D-67DF-47A5-9C96-5B51D1562951"
          },
          {
            "criteria": "cpe:2.3:a:rdkcentral:rdk-b:2022q3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A1488152-CC93-40DF-8D1F-BF33DC8444FF"
          },
          {
            "criteria": "cpe:2.3:a:rdkcentral:rdk-b:2024q1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "CB397DA1-62B3-48FD-B694-9FDA4DA25EDE"
          },
          {
            "criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C"
          },
          {
            "criteria": "cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "879FFD0C-9B38-4CAA-B057-1086D794D469"
          },
          {
            "criteria": "cpe:2.3:o:google:android:14.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2700BCC5-634D-4EC6-AB67-5B678D5F951D"
          },
          {
            "criteria": "cpe:2.3:o:google:android:15.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8538774C-906D-4B03-A3E7-FA7A55E0DA9E"
          },
          {
            "criteria": "cpe:2.3:o:openwrt:openwrt:19.07.0:-:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4FA469E2-9E63-4C9A-8EBA-10C8C870063A"
          },
          {
            "criteria": "cpe:2.3:o:openwrt:openwrt:21.02.0:-:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F0133207-2EED-4625-854F-8DB7770D5BF7"
          },
          {
            "criteria": "cpe:2.3:o:openwrt:openwrt:22.03.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E4A72088-37C7-4820-B650-440FE4848BDD"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:mediatek:mt2737:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "9C2A1118-B5F7-4EF5-B329-0887B5F3430E"
          },
          {
            "criteria": "cpe:2.3:h:mediatek:mt6781:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "C4EEE021-6B2A-47A0-AC6B-55525A40D718"
          },
          {
            "criteria": "cpe:2.3:h:mediatek:mt6789:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "8B9B0D82-82C1-4A77-A016-329B99C45F49"
          },
          {
            "criteria": "cpe:2.3:h:mediatek:mt6835:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "19A63103-C708-48EC-B44D-5E465A6B79C5"
          },
          {
            "criteria": "cpe:2.3:h:mediatek:mt6855:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "89AFEE24-7AAD-4EDB-8C3E-EDBA3240730A"
          },
          {
            "criteria": "cpe:2.3:h:mediatek:mt6878:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "855A8046-34ED-4891-ACE5-76AB10AC8D53"
          },
          {
            "criteria": "cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "704BE5CE-AE08-4432-A8B0-4C8BD62148AD"
          },
          {
            "criteria": "cpe:2.3:h:mediatek:mt6880:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "68CF4A7A-3136-4C4C-A795-81323896BE11"
          },
          {
            "criteria": "cpe:2.3:h:mediatek:mt6886:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "AF3E2B84-DAFE-4E11-B23B-026F719475F5"
          },
          {
            "criteria": "cpe:2.3:h:mediatek:mt6890:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "171D1C08-F055-44C0-913C-AA2B73AF5B72"
          },
          {
            "criteria": "cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "E0CA45C9-7BFE-4C93-B2AF-B86501F763AB"
          },
          {
            "criteria": "cpe:2.3:h:mediatek:mt6897:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "2A7D8055-F4B6-41EE-A078-11D56285AB66"
          },
          {
            "criteria": "cpe:2.3:h:mediatek:mt6980:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "BA9131F6-F167-4FD7-8FBF-B372CBBCF46F"
          },
          {
            "criteria": "cpe:2.3:h:mediatek:mt6983:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "EB6B9A26-F8A1-4322-AA4E-CDF8F7D99000"
          },
          {
            "criteria": "cpe:2.3:h:mediatek:mt6985:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "EA72CCD1-DEA2-48EB-8781-04CFDD41AAEE"
          },
          {
            "criteria": "cpe:2.3:h:mediatek:mt6989:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "AD7DE6B2-66D9-4A3E-B15F-D56505559255"
          },
          {
            "criteria": "cpe:2.3:h:mediatek:mt6990:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "1A76806D-A4E3-466A-90CB-E9FFE478E7A0"
          },
          {
            "criteria": "cpe:2.3:h:mediatek:mt8370:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "DA2B6BB9-7544-41A7-BF3A-344AA4CC4B31"
          },
          {
            "criteria": "cpe:2.3:h:mediatek:mt8390:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "B774B7D7-B7DD-43A0-833F-7E39DF82CA60"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  }
]

Overview

Risk scores

CVSS 3.1

Weaknesses

Social media

Configurations

References