Vulnerabilites related to mediatek - mt8186
CVE-2025-20697 (GCVE-0-2025-20697)
Vulnerability from cvelistv5
Published
2025-08-04 01:49
Modified
2025-08-05 03:56
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-787 - Out-of-bounds Write
Summary
In Power HAL, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS09915681; Issue ID: MSV-3795.
References
Impacted products
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2025-20697",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-08-04T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-08-05T03:56:07.647Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "MT2718, MT6761, MT6765, MT6768, MT6853, MT6855, MT6877, MT6878, MT6879, MT6883, MT6885, MT6889, MT6893, MT6897, MT6989, MT6991, MT8186, MT8196, MT8391, MT8678, MT8775, MT8786, MT8788E, MT8792, MT8796, MT8873, MT8883, MT8893",
"vendor": "MediaTek, Inc.",
"versions": [
{
"status": "affected",
"version": "Android 14.0, 15.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In Power HAL, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS09915681; Issue ID: MSV-3795."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "CWE-787 Out-of-bounds Write",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-08-04T01:49:48.567Z",
"orgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"shortName": "MediaTek"
},
"references": [
{
"url": "https://corp.mediatek.com/product-security-bulletin/August-2025"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"assignerShortName": "MediaTek",
"cveId": "CVE-2025-20697",
"datePublished": "2025-08-04T01:49:48.567Z",
"dateReserved": "2024-11-01T01:21:50.381Z",
"dateUpdated": "2025-08-05T03:56:07.647Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-0623 (GCVE-0-2021-0623)
Vulnerability from cvelistv5
Published
2021-11-18 14:55
Modified
2024-08-03 15:47
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Information Disclosure
Summary
In asf extractor, there is a possible out of bounds read due to an integer overflow. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05489178; Issue ID: ALPS05585817.
References
| ► | URL | Tags | |||
|---|---|---|---|---|---|
|
|||||
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T15:47:28.200Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://corp.mediatek.com/product-security-bulletin/November-2021"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "MT5522, MT5527, MT5597, MT5598, MT5599, MT6580, MT6735, MT6737, MT6739, MT6750S, MT6753, MT6755S, MT6757, MT6757C, MT6757CD, MT6757CH, MT6761, MT6762, MT6763, MT6765, MT6768, MT6771, MT6779, MT6785, MT6833, MT6853, MT6853T, MT6873, MT6877, MT6885, MT6889, MT6893, MT8163, MT8167, MT8167S, MT8168, MT8173, MT8175, MT8183, MT8185, MT8186, MT8195, MT8321, MT8362A, MT8365, MT8385, MT8765, MT8766, MT8768, MT8786, MT8788, MT8789, MT8791, MT8797, MT9256, MT9285, MT9286, MT9288, MT9629, MT9631, MT9632, MT9636, MT9638, MT9639, MT9650, MT9652, MT9669, MT9670, MT9675, MT9685, MT9686, MT9688, MT9931, MT9950, MT9970, MT9980, MT9981",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Android 10.0, 11.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In asf extractor, there is a possible out of bounds read due to an integer overflow. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05489178; Issue ID: ALPS05585817."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Information Disclosure",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-11-18T14:55:44",
"orgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6",
"shortName": "google_android"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://corp.mediatek.com/product-security-bulletin/November-2021"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@android.com",
"ID": "CVE-2021-0623",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "MT5522, MT5527, MT5597, MT5598, MT5599, MT6580, MT6735, MT6737, MT6739, MT6750S, MT6753, MT6755S, MT6757, MT6757C, MT6757CD, MT6757CH, MT6761, MT6762, MT6763, MT6765, MT6768, MT6771, MT6779, MT6785, MT6833, MT6853, MT6853T, MT6873, MT6877, MT6885, MT6889, MT6893, MT8163, MT8167, MT8167S, MT8168, MT8173, MT8175, MT8183, MT8185, MT8186, MT8195, MT8321, MT8362A, MT8365, MT8385, MT8765, MT8766, MT8768, MT8786, MT8788, MT8789, MT8791, MT8797, MT9256, MT9285, MT9286, MT9288, MT9629, MT9631, MT9632, MT9636, MT9638, MT9639, MT9650, MT9652, MT9669, MT9670, MT9675, MT9685, MT9686, MT9688, MT9931, MT9950, MT9970, MT9980, MT9981",
"version": {
"version_data": [
{
"version_value": "Android 10.0, 11.0"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In asf extractor, there is a possible out of bounds read due to an integer overflow. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05489178; Issue ID: ALPS05585817."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Information Disclosure"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://corp.mediatek.com/product-security-bulletin/November-2021",
"refsource": "MISC",
"url": "https://corp.mediatek.com/product-security-bulletin/November-2021"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6",
"assignerShortName": "google_android",
"cveId": "CVE-2021-0623",
"datePublished": "2021-11-18T14:55:44",
"dateReserved": "2020-11-06T00:00:00",
"dateUpdated": "2024-08-03T15:47:28.200Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-20698 (GCVE-0-2025-20698)
Vulnerability from cvelistv5
Published
2025-08-04 01:49
Modified
2025-08-05 03:56
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-787 - Out-of-bounds Write
Summary
In Power HAL, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS09915400; Issue ID: MSV-3793.
References
Impacted products
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2025-20698",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-08-04T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-08-05T03:56:12.301Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "MT2718, MT6739, MT6761, MT6765, MT6768, MT6781, MT6789, MT6833, MT6835, MT6853, MT6855, MT6877, MT6878, MT6879, MT6883, MT6885, MT6886, MT6889, MT6893, MT6895, MT6897, MT6899, MT6983, MT6985, MT6989, MT6991, MT8186, MT8196, MT8391, MT8676, MT8678, MT8775, MT8786, MT8788E, MT8792, MT8796, MT8873, MT8883, MT8893",
"vendor": "MediaTek, Inc.",
"versions": [
{
"status": "affected",
"version": "Android 13.0, 14.0, 15.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In Power HAL, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS09915400; Issue ID: MSV-3793."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "CWE-787 Out-of-bounds Write",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-08-04T01:49:50.189Z",
"orgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"shortName": "MediaTek"
},
"references": [
{
"url": "https://corp.mediatek.com/product-security-bulletin/August-2025"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"assignerShortName": "MediaTek",
"cveId": "CVE-2025-20698",
"datePublished": "2025-08-04T01:49:50.189Z",
"dateReserved": "2024-11-01T01:21:50.382Z",
"dateUpdated": "2025-08-05T03:56:12.301Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-20694 (GCVE-0-2025-20694)
Vulnerability from cvelistv5
Published
2025-07-08 02:00
Modified
2025-07-14 16:33
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-124 - Buffer Underflow
Summary
In Bluetooth FW, there is a possible system crash due to an uncaught exception. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS09752821; Issue ID: MSV-3342.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| MediaTek, Inc. | MT2718, MT6639, MT6653, MT6985, MT6989, MT6990, MT6991, MT7925, MT7927, MT8113, MT8115, MT8127, MT8163, MT8168, MT8169, MT8173, MT8183, MT8186, MT8188, MT8195, MT8196, MT8370, MT8390, MT8391, MT8395, MT8512, MT8516, MT8519, MT8676, MT8678, MT8695, MT8696, MT8698, MT8786, MT8792, MT8796, MT8893 |
Version: Android 13.0, 14.0, 15.0 / SDK release 3.7 and before / openWRT 21.02, 23.05 |
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2025-20694",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-07-14T16:33:42.460989Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-07-14T16:33:57.018Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "MT2718, MT6639, MT6653, MT6985, MT6989, MT6990, MT6991, MT7925, MT7927, MT8113, MT8115, MT8127, MT8163, MT8168, MT8169, MT8173, MT8183, MT8186, MT8188, MT8195, MT8196, MT8370, MT8390, MT8391, MT8395, MT8512, MT8516, MT8519, MT8676, MT8678, MT8695, MT8696, MT8698, MT8786, MT8792, MT8796, MT8893",
"vendor": "MediaTek, Inc.",
"versions": [
{
"status": "affected",
"version": "Android 13.0, 14.0, 15.0 / SDK release 3.7 and before / openWRT 21.02, 23.05"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In Bluetooth FW, there is a possible system crash due to an uncaught exception. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS09752821; Issue ID: MSV-3342."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-124",
"description": "CWE-124 Buffer Underflow",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-07-08T02:00:40.101Z",
"orgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"shortName": "MediaTek"
},
"references": [
{
"url": "https://corp.mediatek.com/product-security-bulletin/July-2025"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"assignerShortName": "MediaTek",
"cveId": "CVE-2025-20694",
"datePublished": "2025-07-08T02:00:40.101Z",
"dateReserved": "2024-11-01T01:21:50.375Z",
"dateUpdated": "2025-07-14T16:33:57.018Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Vulnerability from fkie_nvd
Published
2021-11-18 15:15
Modified
2024-11-21 05:43
Severity ?
Summary
In asf extractor, there is a possible out of bounds read due to an integer overflow. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05489178; Issue ID: ALPS05585817.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:google:android:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D558D965-FA70-4822-A770-419E73BA9ED3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt5522:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1C38B265-3EE8-417C-9D59-6182939ED27E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt5527:-:*:*:*:*:*:*:*",
"matchCriteriaId": "69C04171-DB18-40D7-AFC5-04A869942396",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt5597:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FC084C16-6693-4FEA-9BDD-B633EAA3E432",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt5598:-:*:*:*:*:*:*:*",
"matchCriteriaId": "455B256C-83C8-406F-B28F-A4205E7C094E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt5599:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A4FF926A-2D26-4666-ACA4-474A89243566",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6580:-:*:*:*:*:*:*:*",
"matchCriteriaId": "46F71838-4E50-4F2A-9EB8-30AE5DF8511E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6735:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C82E144B-0BAD-47E1-A657-3A5880988FE2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6737:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4E76B29F-007E-4445-B3F3-3FDC054FEB84",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6739:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7FA8A390-9F52-4CF3-9B45-936CE3E2B828",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6750s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "12A1CB8F-3C1C-4374-8D46-23175D1174DE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6753:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7362AED0-47F2-4D48-A292-89F717F0697E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6755s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7038AEA0-5BBE-44C9-92DE-96BDE3EEE45B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6757:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B4C27948-65A7-4B1E-9F10-6744D176A5C3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6757c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D808EF4D-0A54-4324-8341-240F7AFABC40",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6757cd:-:*:*:*:*:*:*:*",
"matchCriteriaId": "64EDB89E-8140-4202-97B3-9D7337E90FDE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6757ch:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D2C5CC4F-DA66-4980-A4BB-693987431A38",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6761:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F726F486-A86F-4215-AD93-7A07A071844A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6762:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C445EB80-6021-4E26-B74E-1B4B6910CE48",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6763:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F19C76A-50DF-4ACA-BACA-07157B4D838B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "43E779F6-F0A0-4153-9A1D-B715C3A2F80E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "06CD97E1-8A76-48B4-9780-9698EF5A960F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6771:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BE4D2AED-C713-407F-A34A-52C3D8F65835",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6779:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EBA369B8-8E23-492B-82CC-23114E6A5D1C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6785:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A82E0A4F-072F-474C-B94C-8114ABE05639",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9814939B-F05E-4870-90C0-7C0F6BAAEB39",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*",
"matchCriteriaId": "366F1912-756B-443E-9962-224937DD7DFB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "328DA6BE-1303-4646-89B7-2EC8DC444532",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F6B8A36E-C5FB-44AE-A1C3-50EBF4C68F6B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7CA9352F-E9BD-4656-9B7C-4AFEE2C78E58",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD64413C-C774-4C4F-9551-89E1AA9469EE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6889:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B787DC3-8E5A-4968-B20B-37B6257FAAE2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*",
"matchCriteriaId": "213B5C7F-D965-4312-9CDF-4F06FA77D401",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8163:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1D2ED140-C41B-418B-9DC7-8C486304E769",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8167:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B5FE245-6346-4078-A3D0-E5F79BB636B8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8167s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "639C5BDE-2E83-427A-BAB7-85EA9348AC68",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8168:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3CE2FC35-716A-4706-97BA-5DB165041580",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8173:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4452EFCF-5733-40A0-8726-F8E33E569411",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8175:-:*:*:*:*:*:*:*",
"matchCriteriaId": "582F1041-CD84-4763-AD6F-E08DD11F689F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8183:-:*:*:*:*:*:*:*",
"matchCriteriaId": "23F65D7B-31A1-4D94-82E9-254A7A6D7BE1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8185:-:*:*:*:*:*:*:*",
"matchCriteriaId": "62FDE8E0-FD9F-4D2B-944C-E17F34A09F06",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8186:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E4932D34-06F4-49D7-81FB-772A82E8A5B5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8195:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ED210E64-6CE7-42B1-849E-68C0E22521F6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8321:-:*:*:*:*:*:*:*",
"matchCriteriaId": "793B7F88-79E7-4031-8AD0-35C9BFD073C4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8362a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F16F2B9-D89D-4AB2-B768-CB3B22AEFE11",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8365:-:*:*:*:*:*:*:*",
"matchCriteriaId": "97C76F98-5D8D-4E52-ABAF-CD27C1205B0E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*",
"matchCriteriaId": "299378ED-41CE-4966-99B1-65D2BA1215EF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3AACF35D-27E0-49AF-A667-13585C8B8071",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8766:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE45F606-2E75-48BC-9D1B-99D504974CBF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1CC6E254-11A9-49CE-83FE-6DAC23E7D7AA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8786:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9D2D5F91-6AAB-4516-AD01-5C60F58BA4A6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE10C121-F2AD-43D2-8FF9-A6C197858220",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8789:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1505AD53-987E-4328-8E1D-F5F1EC12B677",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8791:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9CD2C3EC-B62D-4616-964F-FDBE5B14A449",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8797:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B469BF4-5961-42E9-814B-1BE06D182E45",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt9256:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FAC84405-17EE-4C25-8477-317F2A6A095F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt9285:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7A7E7D3C-436A-4068-99F1-AFEB34989F69",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt9286:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4CEEB709-8C7B-48AF-B359-9CE9C68790D5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt9288:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6081A92B-4361-462A-9F7F-570AC7256CDB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt9629:-:*:*:*:*:*:*:*",
"matchCriteriaId": "47E5EE7B-1208-4007-AF87-6DC309FFE312",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt9631:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CA834B63-F689-48BA-84E6-500351990BFD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt9632:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EF1B3B37-22C4-42F4-8264-07512619D706",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt9636:-:*:*:*:*:*:*:*",
"matchCriteriaId": "11B89606-5FD7-4513-984A-16217D37BF4B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt9638:-:*:*:*:*:*:*:*",
"matchCriteriaId": "76F4FC23-534B-449A-8344-1F13AE9C8C57",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt9639:-:*:*:*:*:*:*:*",
"matchCriteriaId": "392C9A58-EAB1-44B5-B189-98C68CC23199",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt9650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2D0EF507-52A0-45D1-AC26-97F765E691FC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt9652:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C826242C-440E-4D85-841E-570E9C69777C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt9669:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8531FD76-C0C1-45FE-8FDC-26402FF8BFA5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt9670:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FC3E19E5-4DD7-4ECB-A7AE-F501A152078E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt9675:-:*:*:*:*:*:*:*",
"matchCriteriaId": "046B7E06-8C40-4D37-8D10-4816E51CA143",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt9685:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CFD9AD54-9F0F-414B-8936-3A981657D6AB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt9686:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4B429106-36BE-42F2-8D05-FB9EF00BDFBA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt9688:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F7D78E76-6A3B-4736-B7E7-C9032CDA845B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt9931:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DDB4C96A-A50F-4194-BE9C-BF2DFD3DEB3B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt9950:-:*:*:*:*:*:*:*",
"matchCriteriaId": "31E0E580-A76F-4CFA-BFF2-0F7540C63C3C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt9970:-:*:*:*:*:*:*:*",
"matchCriteriaId": "961C13C3-2C3D-46B1-A618-D45920EC5E95",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt9980:-:*:*:*:*:*:*:*",
"matchCriteriaId": "16B4C37E-B6CA-4176-B98D-E1C9E66472EA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt9981:-:*:*:*:*:*:*:*",
"matchCriteriaId": "62282860-5EAF-45EA-B36E-6B6F124C3096",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In asf extractor, there is a possible out of bounds read due to an integer overflow. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05489178; Issue ID: ALPS05585817."
},
{
"lang": "es",
"value": "En asf extractor, se presenta una posible lectura fuera de l\u00edmites debido a un desbordamiento de enteros. Esto podr\u00eda conllevar a una divulgaci\u00f3n de informaci\u00f3n local sin ser necesarios privilegios de ejecuci\u00f3n adicionales. No es requerida una interacci\u00f3n del usuario para su explotaci\u00f3n. ID del Parche: ALPS05489178; ID del Problema: ALPS05585817."
}
],
"id": "CVE-2021-0623",
"lastModified": "2024-11-21T05:43:02.290",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-11-18T15:15:08.280",
"references": [
{
"source": "security@android.com",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/November-2021"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/November-2021"
}
],
"sourceIdentifier": "security@android.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-190"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2025-08-04 02:15
Modified
2025-08-18 15:42
Severity ?
Summary
In Power HAL, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS09915681; Issue ID: MSV-3795.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| security@mediatek.com | https://corp.mediatek.com/product-security-bulletin/August-2025 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| android | 14.0 | ||
| android | 15.0 | ||
| mediatek | mt2718 | - | |
| mediatek | mt6761 | - | |
| mediatek | mt6765 | - | |
| mediatek | mt6768 | - | |
| mediatek | mt6853 | - | |
| mediatek | mt6855 | - | |
| mediatek | mt6877 | - | |
| mediatek | mt6878 | - | |
| mediatek | mt6879 | - | |
| mediatek | mt6883 | - | |
| mediatek | mt6885 | - | |
| mediatek | mt6889 | - | |
| mediatek | mt6893 | - | |
| mediatek | mt6897 | - | |
| mediatek | mt6989 | - | |
| mediatek | mt6991 | - | |
| mediatek | mt8186 | - | |
| mediatek | mt8196 | - | |
| mediatek | mt8391 | - | |
| mediatek | mt8678 | - | |
| mediatek | mt8775 | - | |
| mediatek | mt8786 | - | |
| mediatek | mt8788e | - | |
| mediatek | mt8792 | - | |
| mediatek | mt8796 | - | |
| mediatek | mt8873 | - | |
| mediatek | mt8883 | - | |
| mediatek | mt8893 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:google:android:14.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2700BCC5-634D-4EC6-AB67-5B678D5F951D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:15.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8538774C-906D-4B03-A3E7-FA7A55E0DA9E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt2718:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F5506327-7DDF-4E88-9EA8-10B8E32F848B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6761:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F726F486-A86F-4215-AD93-7A07A071844A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "43E779F6-F0A0-4153-9A1D-B715C3A2F80E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "06CD97E1-8A76-48B4-9780-9698EF5A960F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*",
"matchCriteriaId": "366F1912-756B-443E-9962-224937DD7DFB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6855:-:*:*:*:*:*:*:*",
"matchCriteriaId": "89AFEE24-7AAD-4EDB-8C3E-EDBA3240730A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7CA9352F-E9BD-4656-9B7C-4AFEE2C78E58",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6878:-:*:*:*:*:*:*:*",
"matchCriteriaId": "855A8046-34ED-4891-ACE5-76AB10AC8D53",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*",
"matchCriteriaId": "704BE5CE-AE08-4432-A8B0-4C8BD62148AD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6883:-:*:*:*:*:*:*:*",
"matchCriteriaId": "15E2EC3F-9FB3-488B-B1C1-2793A416C755",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD64413C-C774-4C4F-9551-89E1AA9469EE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6889:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B787DC3-8E5A-4968-B20B-37B6257FAAE2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*",
"matchCriteriaId": "213B5C7F-D965-4312-9CDF-4F06FA77D401",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6897:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2A7D8055-F4B6-41EE-A078-11D56285AB66",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6989:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AD7DE6B2-66D9-4A3E-B15F-D56505559255",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6991:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CBBB30DF-E963-4940-B742-F6801F68C3FC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8186:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E4932D34-06F4-49D7-81FB-772A82E8A5B5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8196:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FB0C4D80-28BC-4C4D-B522-AD9EC5222A2E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8391:-:*:*:*:*:*:*:*",
"matchCriteriaId": "43B2824E-8D18-4DD7-91E7-41578B2FCD6C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8678:-:*:*:*:*:*:*:*",
"matchCriteriaId": "152A5F3D-8004-4649-BDB1-E6F0798AF1CB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8775:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DE5FB550-7264-4879-BAF9-6798949113AF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8786:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9D2D5F91-6AAB-4516-AD01-5C60F58BA4A6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8788e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CEDF887A-1862-4336-ABFC-371838E1D029",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8792:-:*:*:*:*:*:*:*",
"matchCriteriaId": "336FC69E-E89F-4642-B6B9-8009D9A2BD52",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8796:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DE933AD9-3A6F-421B-8AB3-C45F8DEA9548",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8873:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D6DD525F-7050-42BD-829D-1121698B8009",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8883:-:*:*:*:*:*:*:*",
"matchCriteriaId": "23DD8281-FEB4-4E23-8DDA-680FF895F12E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8893:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CCFAADB1-C2B2-47A6-BB66-761B964E7DFB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In Power HAL, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS09915681; Issue ID: MSV-3795."
},
{
"lang": "es",
"value": "En Power HAL, existe una posible escritura fuera de los l\u00edmites debido a la falta de una comprobaci\u00f3n de los l\u00edmites. Esto podr\u00eda provocar una escalada local de privilegios si un agente malicioso ya ha obtenido el privilegio de System. No se requiere la interacci\u00f3n del usuario para la explotaci\u00f3n. ID de parche: ALPS09915681; ID de problema: MSV-3795."
}
],
"id": "CVE-2025-20697",
"lastModified": "2025-08-18T15:42:08.480",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
},
"published": "2025-08-04T02:15:26.863",
"references": [
{
"source": "security@mediatek.com",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/August-2025"
}
],
"sourceIdentifier": "security@mediatek.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "security@mediatek.com",
"type": "Secondary"
}
]
}
Vulnerability from fkie_nvd
Published
2025-08-04 02:15
Modified
2025-08-18 15:41
Severity ?
Summary
In Power HAL, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS09915400; Issue ID: MSV-3793.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| security@mediatek.com | https://corp.mediatek.com/product-security-bulletin/August-2025 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| android | 13.0 | ||
| android | 14.0 | ||
| android | 15.0 | ||
| mediatek | mt2718 | - | |
| mediatek | mt6739 | - | |
| mediatek | mt6761 | - | |
| mediatek | mt6765 | - | |
| mediatek | mt6768 | - | |
| mediatek | mt6781 | - | |
| mediatek | mt6789 | - | |
| mediatek | mt6833 | - | |
| mediatek | mt6835 | - | |
| mediatek | mt6853 | - | |
| mediatek | mt6855 | - | |
| mediatek | mt6877 | - | |
| mediatek | mt6878 | - | |
| mediatek | mt6879 | - | |
| mediatek | mt6883 | - | |
| mediatek | mt6885 | - | |
| mediatek | mt6886 | - | |
| mediatek | mt6889 | - | |
| mediatek | mt6893 | - | |
| mediatek | mt6895 | - | |
| mediatek | mt6897 | - | |
| mediatek | mt6899 | - | |
| mediatek | mt6983 | - | |
| mediatek | mt6985 | - | |
| mediatek | mt6989 | - | |
| mediatek | mt6991 | - | |
| mediatek | mt8186 | - | |
| mediatek | mt8196 | - | |
| mediatek | mt8391 | - | |
| mediatek | mt8676 | - | |
| mediatek | mt8678 | - | |
| mediatek | mt8775 | - | |
| mediatek | mt8786 | - | |
| mediatek | mt8788e | - | |
| mediatek | mt8792 | - | |
| mediatek | mt8796 | - | |
| mediatek | mt8873 | - | |
| mediatek | mt8883 | - | |
| mediatek | mt8893 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*",
"matchCriteriaId": "879FFD0C-9B38-4CAA-B057-1086D794D469",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:14.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2700BCC5-634D-4EC6-AB67-5B678D5F951D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:15.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8538774C-906D-4B03-A3E7-FA7A55E0DA9E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt2718:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F5506327-7DDF-4E88-9EA8-10B8E32F848B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6739:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7FA8A390-9F52-4CF3-9B45-936CE3E2B828",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6761:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F726F486-A86F-4215-AD93-7A07A071844A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6765:-:*:*:*:*:*:*:*",
"matchCriteriaId": "43E779F6-F0A0-4153-9A1D-B715C3A2F80E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6768:-:*:*:*:*:*:*:*",
"matchCriteriaId": "06CD97E1-8A76-48B4-9780-9698EF5A960F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6781:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C4EEE021-6B2A-47A0-AC6B-55525A40D718",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6789:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8B9B0D82-82C1-4A77-A016-329B99C45F49",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9814939B-F05E-4870-90C0-7C0F6BAAEB39",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6835:-:*:*:*:*:*:*:*",
"matchCriteriaId": "19A63103-C708-48EC-B44D-5E465A6B79C5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*",
"matchCriteriaId": "366F1912-756B-443E-9962-224937DD7DFB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6855:-:*:*:*:*:*:*:*",
"matchCriteriaId": "89AFEE24-7AAD-4EDB-8C3E-EDBA3240730A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7CA9352F-E9BD-4656-9B7C-4AFEE2C78E58",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6878:-:*:*:*:*:*:*:*",
"matchCriteriaId": "855A8046-34ED-4891-ACE5-76AB10AC8D53",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*",
"matchCriteriaId": "704BE5CE-AE08-4432-A8B0-4C8BD62148AD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6883:-:*:*:*:*:*:*:*",
"matchCriteriaId": "15E2EC3F-9FB3-488B-B1C1-2793A416C755",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD64413C-C774-4C4F-9551-89E1AA9469EE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6886:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AF3E2B84-DAFE-4E11-B23B-026F719475F5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6889:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B787DC3-8E5A-4968-B20B-37B6257FAAE2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*",
"matchCriteriaId": "213B5C7F-D965-4312-9CDF-4F06FA77D401",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E0CA45C9-7BFE-4C93-B2AF-B86501F763AB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6897:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2A7D8055-F4B6-41EE-A078-11D56285AB66",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6899:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C6E9F80F-9AC9-41E0-BB14-9DB6F14B62CD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6983:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EB6B9A26-F8A1-4322-AA4E-CDF8F7D99000",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6985:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EA72CCD1-DEA2-48EB-8781-04CFDD41AAEE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6989:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AD7DE6B2-66D9-4A3E-B15F-D56505559255",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6991:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CBBB30DF-E963-4940-B742-F6801F68C3FC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8186:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E4932D34-06F4-49D7-81FB-772A82E8A5B5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8196:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FB0C4D80-28BC-4C4D-B522-AD9EC5222A2E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8391:-:*:*:*:*:*:*:*",
"matchCriteriaId": "43B2824E-8D18-4DD7-91E7-41578B2FCD6C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8676:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EE302F6F-170E-4350-A8F4-65BE0C50CB78",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8678:-:*:*:*:*:*:*:*",
"matchCriteriaId": "152A5F3D-8004-4649-BDB1-E6F0798AF1CB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8775:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DE5FB550-7264-4879-BAF9-6798949113AF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8786:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9D2D5F91-6AAB-4516-AD01-5C60F58BA4A6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8788e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CEDF887A-1862-4336-ABFC-371838E1D029",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8792:-:*:*:*:*:*:*:*",
"matchCriteriaId": "336FC69E-E89F-4642-B6B9-8009D9A2BD52",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8796:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DE933AD9-3A6F-421B-8AB3-C45F8DEA9548",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8873:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D6DD525F-7050-42BD-829D-1121698B8009",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8883:-:*:*:*:*:*:*:*",
"matchCriteriaId": "23DD8281-FEB4-4E23-8DDA-680FF895F12E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8893:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CCFAADB1-C2B2-47A6-BB66-761B964E7DFB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In Power HAL, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS09915400; Issue ID: MSV-3793."
},
{
"lang": "es",
"value": "En Power HAL, existe una posible escritura fuera de los l\u00edmites debido a la falta de una comprobaci\u00f3n de los l\u00edmites. Esto podr\u00eda provocar una escalada local de privilegios si un agente malicioso ya ha obtenido privilegios de System. No se requiere la interacci\u00f3n del usuario para la explotaci\u00f3n. ID de parche: ALPS09915400; ID de problema: MSV-3793."
}
],
"id": "CVE-2025-20698",
"lastModified": "2025-08-18T15:41:58.840",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
},
"published": "2025-08-04T02:15:27.010",
"references": [
{
"source": "security@mediatek.com",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/August-2025"
}
],
"sourceIdentifier": "security@mediatek.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "security@mediatek.com",
"type": "Secondary"
}
]
}
Vulnerability from fkie_nvd
Published
2025-07-08 03:15
Modified
2025-07-14 17:15
Severity ?
Summary
In Bluetooth FW, there is a possible system crash due to an uncaught exception. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS09752821; Issue ID: MSV-3342.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| security@mediatek.com | https://corp.mediatek.com/product-security-bulletin/July-2025 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| mediatek | software_development_kit | * | |
| android | 13.0 | ||
| android | 14.0 | ||
| android | 15.0 | ||
| openwrt | openwrt | 21.02.0 | |
| openwrt | openwrt | 23.05 | |
| mediatek | mt2718 | - | |
| mediatek | mt6639 | - | |
| mediatek | mt6653 | - | |
| mediatek | mt6985 | - | |
| mediatek | mt6989 | - | |
| mediatek | mt6990 | - | |
| mediatek | mt6991 | - | |
| mediatek | mt7925 | - | |
| mediatek | mt7927 | - | |
| mediatek | mt8113 | - | |
| mediatek | mt8115 | - | |
| mediatek | mt8127 | - | |
| mediatek | mt8163 | - | |
| mediatek | mt8168 | - | |
| mediatek | mt8169 | - | |
| mediatek | mt8173 | - | |
| mediatek | mt8183 | - | |
| mediatek | mt8186 | - | |
| mediatek | mt8188 | - | |
| mediatek | mt8195 | - | |
| mediatek | mt8196 | - | |
| mediatek | mt8370 | - | |
| mediatek | mt8390 | - | |
| mediatek | mt8391 | - | |
| mediatek | mt8395 | - | |
| mediatek | mt8512 | - | |
| mediatek | mt8516 | - | |
| mediatek | mt8519 | - | |
| mediatek | mt8676 | - | |
| mediatek | mt8678 | - | |
| mediatek | mt8695 | - | |
| mediatek | mt8696 | - | |
| mediatek | mt8698 | - | |
| mediatek | mt8786 | - | |
| mediatek | mt8792 | - | |
| mediatek | mt8796 | - | |
| mediatek | mt8893 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:mediatek:software_development_kit:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9DABBC56-5969-45B0-A810-1AD5225866BD",
"versionEndIncluding": "3.7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*",
"matchCriteriaId": "879FFD0C-9B38-4CAA-B057-1086D794D469",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:14.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2700BCC5-634D-4EC6-AB67-5B678D5F951D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:15.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8538774C-906D-4B03-A3E7-FA7A55E0DA9E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:openwrt:openwrt:21.02.0:-:*:*:*:*:*:*",
"matchCriteriaId": "F0133207-2EED-4625-854F-8DB7770D5BF7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:openwrt:openwrt:23.05:*:*:*:*:*:*:*",
"matchCriteriaId": "AED95D06-8EC6-4070-BE3C-E0F851D7FFC1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt2718:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F5506327-7DDF-4E88-9EA8-10B8E32F848B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6639:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F3A9E074-8679-4BD0-9C79-D9676D014587",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6653:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B44DA85D-F7F7-4C66-8461-FD231918C5C6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6985:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EA72CCD1-DEA2-48EB-8781-04CFDD41AAEE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6989:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AD7DE6B2-66D9-4A3E-B15F-D56505559255",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6990:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1A76806D-A4E3-466A-90CB-E9FFE478E7A0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt6991:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CBBB30DF-E963-4940-B742-F6801F68C3FC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt7925:-:*:*:*:*:*:*:*",
"matchCriteriaId": "27CFC9DF-2F4C-469A-8A19-A260B1134CFE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt7927:-:*:*:*:*:*:*:*",
"matchCriteriaId": "05525018-AFE0-415C-A71C-A77922C7D637",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8113:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F63268B4-5415-426A-A306-2006211FFE63",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8115:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C2428897-5F6E-4B63-ADDC-0C15BDF2C565",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8127:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BD7BDC63-3963-4C4D-B547-2936006926E9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8163:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1D2ED140-C41B-418B-9DC7-8C486304E769",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8168:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3CE2FC35-716A-4706-97BA-5DB165041580",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8169:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E5375050-4568-4919-BFE3-A72E1C7E65A2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8173:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4452EFCF-5733-40A0-8726-F8E33E569411",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8183:-:*:*:*:*:*:*:*",
"matchCriteriaId": "23F65D7B-31A1-4D94-82E9-254A7A6D7BE1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8186:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E4932D34-06F4-49D7-81FB-772A82E8A5B5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8188:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BA3D4A45-38EE-4125-AE67-89D1C707F95A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8195:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ED210E64-6CE7-42B1-849E-68C0E22521F6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8196:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FB0C4D80-28BC-4C4D-B522-AD9EC5222A2E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8370:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DA2B6BB9-7544-41A7-BF3A-344AA4CC4B31",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8390:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B774B7D7-B7DD-43A0-833F-7E39DF82CA60",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8391:-:*:*:*:*:*:*:*",
"matchCriteriaId": "43B2824E-8D18-4DD7-91E7-41578B2FCD6C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8395:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D98FBE1C-D57B-49D9-9C4E-8A133A0C1C89",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8512:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3E51B721-CBDD-4223-ACD1-509E82D1B4A2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8516:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B39C49F-918A-432E-9E02-4E32E4E1B0F8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8519:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD1E2F45-F68E-4D08-A9A8-FC185A0B1270",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8676:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EE302F6F-170E-4350-A8F4-65BE0C50CB78",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8678:-:*:*:*:*:*:*:*",
"matchCriteriaId": "152A5F3D-8004-4649-BDB1-E6F0798AF1CB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8695:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B5126E05-25DC-4EF7-8DDE-BBA38A7547FB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8696:-:*:*:*:*:*:*:*",
"matchCriteriaId": "26573298-76BC-49FE-8D99-CF03ED01B185",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8698:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0A8B1C43-5770-440F-8015-3BBBD7AF8386",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8786:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9D2D5F91-6AAB-4516-AD01-5C60F58BA4A6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8792:-:*:*:*:*:*:*:*",
"matchCriteriaId": "336FC69E-E89F-4642-B6B9-8009D9A2BD52",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8796:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DE933AD9-3A6F-421B-8AB3-C45F8DEA9548",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:mediatek:mt8893:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CCFAADB1-C2B2-47A6-BB66-761B964E7DFB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In Bluetooth FW, there is a possible system crash due to an uncaught exception. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS09752821; Issue ID: MSV-3342."
},
{
"lang": "es",
"value": "En el firmware de Bluetooth, existe un posible fallo del sistema debido a una excepci\u00f3n no detectada. Esto podr\u00eda provocar una denegaci\u00f3n de servicio remota sin necesidad de privilegios de ejecuci\u00f3n adicionales. No se requiere la interacci\u00f3n del usuario para su explotaci\u00f3n. ID de parche: ALPS09752821; ID de problema: MSV-3342."
}
],
"id": "CVE-2025-20694",
"lastModified": "2025-07-14T17:15:32.277",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
},
"published": "2025-07-08T03:15:29.250",
"references": [
{
"source": "security@mediatek.com",
"tags": [
"Vendor Advisory"
],
"url": "https://corp.mediatek.com/product-security-bulletin/July-2025"
}
],
"sourceIdentifier": "security@mediatek.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-124"
}
],
"source": "security@mediatek.com",
"type": "Secondary"
}
]
}