CVE-2025-20650

In da, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege, if an attacker has physical access to the device, with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS09291294; Issue ID: MSV-2061.

Published: Mar 3, 2025
Updated: Apr 30, 2025
CVE: CVE-2025-20650
Exploit:

No technical information available.

CWEs:

CWE-787

Affected Software
References

Software	From	Fixed in
linuxfoundation / yocto	4.0	4.0.x
rdkcentral / rdk-b	2022q3	2022q3.x
rdkcentral / rdk-b	2024q1	2024q1.x
google / android	13.0	13.0.x
google / android	14.0	14.0.x
google / android	15.0	15.0.x
openwrt / openwrt	21.02.0	21.02.0.x
openwrt / openwrt	23.05	23.05.x

https://corp.mediatek.com/product-security-bulletin/March-2025

Vulnerability Database

289,697

CVE-2025-20650