Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2025-20653

In da, there is a possible out of bounds read due to an integer overflow. This could lead to local information disclosure, if an attacker has physical access to the device, with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS09291064; Issue ID: MSV-2046.

Published

2025-03-03T03:15:10.170

Last Modified

2025-04-22T13:43:58.053

Status

Analyzed

Source

[email protected]

Severity

CVSSv3.1: 6.5 (MEDIUM)

Weaknesses

Type: Secondary
CWE-190
Type: Primary
CWE-190

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Operating System	google	android	13.0	Yes
Operating System	google	android	14.0	Yes
Operating System	google	android	15.0	Yes
Hardware	mediatek	mt6781	-	No
Hardware	mediatek	mt6789	-	No
Hardware	mediatek	mt6835	-	No
Hardware	mediatek	mt6855	-	No
Hardware	mediatek	mt6878	-	No
Hardware	mediatek	mt6879	-	No
Hardware	mediatek	mt6886	-	No
Hardware	mediatek	mt6895	-	No
Hardware	mediatek	mt6897	-	No
Hardware	mediatek	mt6983	-	No
Hardware	mediatek	mt6985	-	No
Hardware	mediatek	mt6989	-	No
Hardware	mediatek	mt8370	-	No
Hardware	mediatek	mt8390	-	No

References

https://corp.mediatek.com/product-security-bulletin/March-2025 Vendor Advisory ([email protected])