Vulnerability in Mediatek, Inc. Mt6739, Mt6761, Mt6765, Mt6768, Mt6771, Mt6779, Mt6781, Mt6785, Mt6833, Mt6853, Mt6873, Mt6877, Mt6885, Mt6893, Mt8167, Mt8167s, Mt8175, Mt8185, Mt8195, Mt8321, Mt8362a, Mt8365, Mt8385, Mt8395, Mt8666, Mt8667, Mt8673, Mt8675, Mt8678, Mt8765, Mt8766, Mt8768, Mt8771, Mt8775, Mt8781, Mt8786, Mt8788, Mt8789, Mt8791t, Mt8795t, Mt8797, Mt8798, Mt8893

CVE-2025-20643

In DA, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure, if an attacker has physical access to the device, if a malicious actor has already obtained the System privilege…

EPSS: 0.000 (10.5th percentile) — read the EPSS interpretation.

Affected products

Mediatek, Inc. Mt6739, Mt6761, Mt6765, Mt6768, Mt6771, Mt6779, Mt6781, Mt6785, Mt6833, Mt6853, Mt6873, Mt6877, Mt6885, Mt6893, Mt8167, Mt8167s, Mt8175, Mt8185, Mt8195, Mt8321, Mt8362a, Mt8365, Mt8385, Mt8395, Mt8666, Mt8667, Mt8673, Mt8675, Mt8678, Mt8765, Mt8766, Mt8768, Mt8771, Mt8775, Mt8781, Mt8786, Mt8788, Mt8789, Mt8791t, Mt8795t, Mt8797, Mt8798, Mt8893 — versions Android 12.0, 13.0, 14.0, 15.0

Weakness classification (CWE)

CWE-1295

References

corp.mediatek.com/product-security-bulletin/February-2025