← Back

CVE-2025-20745

nvd nist
Published: Nov 4, 2025Modified: Jun 17, 2026

JSON object

Loading...
4.2
Vector
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L
Exploitability: 0.8 / Impact: 3.4
Source: NVD

Description

In apusys, there is a possible memory corruption due to use after free. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10095441; Issue ID: MSV-4294.

Affected (3)

Products: Google: Android
1 product
Android
Configuration A
3 vulnerable · 9 platform
Vulnerable SoftwareAffected Versions
Google
Version 13.0
Version 14.0
Version 15.0
Running on/withPlatform Versions
Mediatek
Mt2718
All versions
Mediatek
Mt6989
All versions
Mediatek
Mt6991
All versions
Mediatek
Mt8370
All versions
Mediatek
Mt8390
All versions
Mediatek
Mt8395
All versions
Mediatek
Mt8676
All versions
Mediatek
Mt8678
All versions
Mediatek
Mt87920
All versions

References (1)

Source: security@mediatek.com
Vendor Advisory

Timeline

No history available yet.