2 matches found
CVE-2025-20658
CVE-2025-20658 is a MediaTek DA component vulnerability caused by a logic error that enables a local elevation of privilege with physical access and no user interaction. The issue affects DA and can be exploited without additional execution privileges; CVSS 3.1 metrics indicate physical access re...
CVE-2025-20656
In CVE-2025-20656, the issue is in MediaTek DA within MediaTek firmware: a possible out-of-bounds write caused by a missing bounds check. This could enable local escalation of privilege if an attacker has physical access to the device, with no additional execution privileges needed and no user in...