SB2025030336 - Multiple vulnerabilities in MediaTek chipsets

CSH
CYBERSECURITY HELP
Sign In REGISTER

Main Vulnerability Database SB2025030336

SB2025030336 - Multiple vulnerabilities in MediaTek chipsets

Published: March 3, 2025

Security Bulletin ID SB2025030336
Severity
Low
Patch available
YES
Number of vulnerabilities 10
Exploitation vector Local access
Highest impact Code execution

Breakdown by Severity

Low 100%
  • Low
  • Medium
  • High
  • Critical

Description

This security bulletin contains information about 10 secuirty vulnerabilities.


1) Improper Validation of Syntactic Correctness of Input (CVE-ID: CVE-2025-20644)

The vulnerability allows a local application to perform service disruption.

The vulnerability exists due to incorrect error handling within Modem. A local application can perform service disruption.


2) Out-of-bounds write (CVE-ID: CVE-2025-20645)

The vulnerability allows a local application to execute arbitrary code.

The vulnerability exists due to a missing bounds check within KeyInstall. A local application can execute arbitrary code.


3) Out-of-bounds write (CVE-ID: CVE-2025-20646)

The vulnerability allows a local application to execute arbitrary code.

The vulnerability exists due to improper input validation within wlan. A local application can execute arbitrary code.


4) NULL Pointer Dereference (CVE-ID: CVE-2025-20647)

The vulnerability allows a local application to perform service disruption.

The vulnerability exists due to a missing bounds check within Modem. A local application can perform service disruption.


5) Out-of-bounds read (CVE-ID: CVE-2025-20648)

The vulnerability allows a local application to gain access to sensitive information.

The vulnerability exists due to a missing bounds check within apu. A local application can gain access to sensitive information.


6) Improper Handling of Insufficient Permissions or Privileges (CVE-ID: CVE-2025-20649)

The vulnerability allows a local application to gain access to sensitive information.

The vulnerability exists due to a missing permission check within Bluetooth. A local application can gain access to sensitive information.


7) Out-of-bounds write (CVE-ID: CVE-2025-20650)

The vulnerability allows a local application to execute arbitrary code.

The vulnerability exists due to a missing bounds check within DA. A local application can execute arbitrary code.


8) Out-of-bounds read (CVE-ID: CVE-2025-20651)

The vulnerability allows a local application to gain access to sensitive information.

The vulnerability exists due to a missing bounds check within DA. A local application can gain access to sensitive information.


9) Out-of-bounds read (CVE-ID: CVE-2025-20652)

The vulnerability allows a local application to gain access to sensitive information.

The vulnerability exists due to a missing bounds check within DA. A local application can gain access to sensitive information.


10) Integer overflow (CVE-ID: CVE-2025-20653)

The vulnerability allows a local application to gain access to sensitive information.

The vulnerability exists due to an integer overflow within DA. A local application can gain access to sensitive information.


Remediation

Install update from vendor's website.

References