CVE-2025-20648

In apu, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS09456673; Issue ID: MSV-2584.

CVSS v3 5.5 MEDIUM

5.5^/10

CVSS v3 : MEDIUM

Vector :

Exploitability : 1.8 / Impact : 3.6

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact NONE

Availability Impact NONE

Scope UNCHANGED

References

Link	Resource
https://corp.mediatek.com/product-security-bulletin/March-2025	Vendor Advisory

Configurations

Configuration 1 (hide)

AND

OR	cpe:2.3:o:google:android:13.0:::::::*
	cpe:2.3:o:google:android:14.0:::::::*
	cpe:2.3:o:google:android:15.0:::::::*

OR	cpe:2.3:h:mediatek:mt2718:-:::::::*
	cpe:2.3:h:mediatek:mt6879:-:::::::*
	cpe:2.3:h:mediatek:mt6989:-:::::::*
	cpe:2.3:h:mediatek:mt8196:-:::::::*
	cpe:2.3:h:mediatek:mt8370:-:::::::*
	cpe:2.3:h:mediatek:mt8390:-:::::::*
	cpe:2.3:h:mediatek:mt8395:-:::::::*
	cpe:2.3:h:mediatek:mt8673:-:::::::*
	cpe:2.3:h:mediatek:mt8678:-:::::::*

History

No history.

Information

Published : 2025-03-03 03:15

Updated : 2025-04-22 13:46

NVD link : CVE-2025-20648

Mitre link : CVE-2025-20648

CVE.ORG link : CVE-2025-20648

JSON object : View

Products Affected

mediatek

mt6989
mt8395
mt2718
mt6879
mt8673
mt8678
mt8370
mt8390
mt8196

google

android

CWE

CWE-125

Out-of-bounds Read

{"id": "CVE-2025-20648", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.5, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 3.6, "exploitabilityScore": 1.8}]}, "published": "2025-03-03T03:15:09.620", "references": [{"url": "https://corp.mediatek.com/product-security-bulletin/March-2025", "tags": ["Vendor Advisory"], "source": "[email protected]"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Secondary", "source": "[email protected]", "description": [{"lang": "en", "value": "CWE-125"}]}, {"type": "Primary", "source": "[email protected]", "description": [{"lang": "en", "value": "CWE-125"}]}], "descriptions": [{"lang": "en", "value": "In apu, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS09456673; Issue ID: MSV-2584."}, {"lang": "es", "value": "En la APU, existe una posible lectura fuera de los l\u00edmites debido a una verificaci\u00f3n de los l\u00edmites faltante. Esto podr\u00eda provocar la divulgaci\u00f3n de informaci\u00f3n local sin necesidad de privilegios de ejecuci\u00f3n adicionales. No se necesita interacci\u00f3n del usuario para la explotaci\u00f3n. ID de parche: ALPS09456673; ID de problema: MSV-2584."}], "lastModified": "2025-04-22T13:46:59.780", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "879FFD0C-9B38-4CAA-B057-1086D794D469"}, {"criteria": "cpe:2.3:o:google:android:14.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2700BCC5-634D-4EC6-AB67-5B678D5F951D"}, {"criteria": "cpe:2.3:o:google:android:15.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8538774C-906D-4B03-A3E7-FA7A55E0DA9E"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:mediatek:mt2718:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "F5506327-7DDF-4E88-9EA8-10B8E32F848B"}, {"criteria": "cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "704BE5CE-AE08-4432-A8B0-4C8BD62148AD"}, {"criteria": "cpe:2.3:h:mediatek:mt6989:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "AD7DE6B2-66D9-4A3E-B15F-D56505559255"}, {"criteria": "cpe:2.3:h:mediatek:mt8196:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "FB0C4D80-28BC-4C4D-B522-AD9EC5222A2E"}, {"criteria": "cpe:2.3:h:mediatek:mt8370:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "DA2B6BB9-7544-41A7-BF3A-344AA4CC4B31"}, {"criteria": "cpe:2.3:h:mediatek:mt8390:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "B774B7D7-B7DD-43A0-833F-7E39DF82CA60"}, {"criteria": "cpe:2.3:h:mediatek:mt8395:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "D98FBE1C-D57B-49D9-9C4E-8A133A0C1C89"}, {"criteria": "cpe:2.3:h:mediatek:mt8673:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "152F6606-FA23-4530-AA07-419866B74CB3"}, {"criteria": "cpe:2.3:h:mediatek:mt8678:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "152A5F3D-8004-4649-BDB1-E6F0798AF1CB"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "[email protected]"}