PT-2025-9264 · Mediatek+4 · Mt2737+4

Published

2025-03-03

Updated

2025-03-04

CVE-2025-20650

CVSS v3.1

6.8

Medium

Vector

AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions The product name cannot be determined.

Description There is a possible out of bounds write due to a missing bounds check, which could lead to local escalation of privilege. An attacker with physical access to the device can exploit this issue with no additional execution privileges needed, but user interaction is required.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

LPE

Memory Corruption

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-787

Related Identifiers

CVE-2025-20650

Affected Products

Mt2737

Android

Openwrt

Rdk-B

Yocto

PT-2025-9264 · Mediatek+4 · Mt2737+4

CVE-2025-20650

Weakness Enumeration

Related Identifiers

Affected Products

References · 8