CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2025-20648

In apu, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS09456673; Issue ID: MSV-2584.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 0.3%

CVSS Severity

CVSS v3 Score 5.5

References

https://corp.mediatek.com/product-security-bulletin/March-2025

Products affected by CVE-2025-20648

Mediatek » Mt2718 » Version: N/A

cpe:2.3:h:mediatek:mt2718:-
Mediatek » Mt6879 » Version: N/A

cpe:2.3:h:mediatek:mt6879:-
Mediatek » Mt6989 » Version: N/A

cpe:2.3:h:mediatek:mt6989:-
Mediatek » Mt8196 » Version: N/A

cpe:2.3:h:mediatek:mt8196:-
Mediatek » Mt8370 » Version: N/A

cpe:2.3:h:mediatek:mt8370:-
Mediatek » Mt8390 » Version: N/A

cpe:2.3:h:mediatek:mt8390:-
Mediatek » Mt8395 » Version: N/A

cpe:2.3:h:mediatek:mt8395:-
Mediatek » Mt8673 » Version: N/A

cpe:2.3:h:mediatek:mt8673:-
Mediatek » Mt8678 » Version: N/A

cpe:2.3:h:mediatek:mt8678:-
Google » Android » Version: 13.0

cpe:2.3:o:google:android:13.0
Google » Android » Version: 14.0

cpe:2.3:o:google:android:14.0
Google » Android » Version: 15.0

cpe:2.3:o:google:android:15.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2025-20648

Products

Pricing

Contact Us