CVE-2025-20745_CVE-2025-20745

4.2 / 10

MEDIUM

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L

Description

In apusys, there is a possible memory corruption due to use after free. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10095441; Issue ID: MSV-4294.

Basic Information

ID CVE-2025-20745

Source MediaTek

Published Nov 4, 2025 at 06:20

Modified Nov 4, 2025 at 20:56

Affected Product

Vendor MediaTek, Inc.

Product MT2718, MT6989, MT6991, MT8370, MT8390, MT8395, MT8676, MT8678, MT87920

Version Android 13.0, 14.0, 15.0

Affected Versions MediaTek, Inc. MT2718, MT6989, MT6991, MT8370, MT8390, MT8395, MT8676, MT8678, MT87920 Android 13.0, 14.0, 15.0

CWE Classification

CWE-416

References

corp.mediatek.com /product-security-bulletin/November-2025

{
    "lastseen": "",
    "description": "In apusys, there is a possible memory corruption due to use after free. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10095441; Issue ID: MSV-4294.",
    "published": "2025-11-04T06:20:03.095Z",
    "modified": "2025-11-04T20:56:59.273Z",
    "type": "cve",
    "title": "CVE-2025-20745",
    "source": "MediaTek",
    "references": "https://corp.mediatek.com/product-security-bulletin/November-2025",
    "id": "CVE-2025-20745",
    "bulletinFamily": "",
    "cwe": [
        "CWE-416"
    ],
    "cvelist": null,
    "sourceData": "MediaTek, Inc. MT2718, MT6989, MT6991, MT8370, MT8390, MT8395, MT8676, MT8678, MT87920 Android 13.0, 14.0, 15.0",
    "sourceHref": "",
    "cvss": {
        "score": 4.2,
        "severity": "MEDIUM",
        "vector": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "MT2718, MT6989, MT6991, MT8370, MT8390, MT8395, MT8676, MT8678, MT87920",
    "version": "Android 13.0, 14.0, 15.0",
    "vendor": "MediaTek, Inc.",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}