CVE-2025-20745
4.2
Vector
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L
Exploitability: 0.8 / Impact: 3.4
Source: NVD
Description
In apusys, there is a possible memory corruption due to use after free. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10095441; Issue ID: MSV-4294.
Affected (3)
Configuration A
| Vulnerable Software | Affected Versions |
|---|---|
| Version 13.0 |
| Running on/with | Platform Versions |
|---|---|
Mediatek Mt2718 | All versions |
Mediatek Mt6989 | All versions |
Mediatek Mt6991 | All versions |
Mediatek Mt8370 | All versions |
Mediatek Mt8390 | All versions |
Mediatek Mt8395 | All versions |
Mediatek Mt8676 | All versions |
Mediatek Mt8678 | All versions |
Mediatek Mt87920 | All versions |
References (1)
Source: security@mediatek.com
Vendor Advisory
Timeline
No history available yet.