CVE-2025-20768

Severity CVSS v4.0:

Pending analysis

Type:

CWE-125 Out-of-bounds Read

Publication date:

02/12/2025

Last modified:

02/12/2025

Description

In display, there is a possible out of bounds read due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10196993; Issue ID: MSV-4805.

Impact

References to Advisories, Solutions, and Tools

https://corp.mediatek.com/product-security-bulletin/December-2025