CVE-2025-20651

In da, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure, if an attacker has physical access to the device, with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS09291294; Issue ID: MSV-2062.

Published: Mar 3, 2025
Updated: Apr 30, 2025
CVE: CVE-2025-20651
Exploit:

No technical information available.

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
linuxfoundation / yocto	4.0	4.0.x
rdkcentral / rdk-b	2022q3	2022q3.x
rdkcentral / rdk-b	2024q1	2024q1.x
google / android	13.0	13.0.x
google / android	14.0	14.0.x
google / android	15.0	15.0.x
openwrt / openwrt	21.02.0	21.02.0.x
openwrt / openwrt	23.05	23.05.x

https://corp.mediatek.com/product-security-bulletin/March-2025

Vulnerability Database

289,697

CVE-2025-20651