Vulnerability Database

290,300

Total vulnerabilities in the database

CVE-2025-20638

In DA, there is a possible read of uninitialized heap data due to uninitialized data. This could lead to local information disclosure, if an attacker has physical access to the device, with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS09291449; Issue ID: MSV-2066.

  • Published: Feb 3, 2025
  • Updated: May 4, 2025
  • CVE: CVE-2025-20638
  • Severity: Low
  • Exploit:

CVSS v3:

  • Severity: Low
  • Score: 4.3
  • AV:P/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

CWEs:

Software From Fixed in
google / android 12.0 12.0.x
google / android 13.0 13.0.x
google / android 14.0 14.0.x
google / android 15.0 15.0.x