Chipsets.org

Vulnerability

CVE-2025-20638

In DA, there is a possible read of uninitialized heap data due to uninitialized data. This could lead to local information disclosure, if an attacker has physical access to the device, with no additional execution privileges needed. User interaction is needed for exploitation.

Impact

Severity (Manufact.)

MEDIUM

Severity (NIST)

N/A

Severity (Android)

N/A

Chipsets

Devices

558

Affected Hardware

Name	Also known as	Manufacturer
MT6739		MediaTek
MT6765	Helio P35	MediaTek
MT6771	Helio P60	MediaTek
MT6768	Helio P65	MediaTek
MT6781	Helio G96	MediaTek
MT6833	Dimensity 6020 Dimensity 700	MediaTek
MT6873	Dimensity 800	MediaTek
MT6833	Dimensity 6080 Dimensity 810	MediaTek
MT6877	Dimensity 900	MediaTek
MT6877	Dimensity 920	MediaTek

21 of 21 row(s) shown.

Rows per page

Page 1 of 3

Information reliability

The information on this website is intended to provide information on the big picture of chipset security and measure trends within the industry. Our information is obtained from several vantage points, checked for consistency, and automatically cross-referenced. However, this process may not always yield reliable information. Do not use the information on a particular vulnerability, chipset or device to verify your individual exposure in cases where inaccuracies are inacceptable, for instance to assess risks if you are a Politically Exposed Person.

Timeline

Introduced (est):

Oct 1, 2017

Reported:

Unknown

Advisory Published:

Feb 3, 2025

CVE Published:

N/A

Android Patch Level:

None