CVE-2025-20665 | MediaTek MT8893 devinfo file information disclosure (MSV-2760 / ALPS09555228)

A vulnerability, which was classified as problematic, was found in MediaTek MT6580, MT6761, MT6765, MT6768, MT6779, MT6781, MT6785, MT6789, MT6833, MT6835, MT6853, MT6855, MT6873, MT6877, MT6879, MT6883, MT6885, MT6886, MT6889, MT6893, MT6895, MT6983, MT6985, MT8175, MT8195, MT8196, MT8321, MT8365, MT8370, MT8385, MT8390, MT8395, MT8666, MT8667, MT8673, MT8678, MT8765, MT8766, MT8768, MT8771, MT8775, MT8781, MT8786, MT8788, MT8788E, MT8789, MT8791T, MT8795T, MT8796, MT8797, MT8798 and MT8893. Affected is an unknown function of the component devinfo. The manipulation leads to file and directory information exposure.

This vulnerability is traded as CVE-2025-20665. The attack needs to be approached locally. There is no exploit available.

It is recommended to apply a patch to fix this issue.

CVE-2025-20665 | MediaTek MT8893 devinfo file information disclosure (MSV-2760 / ALPS09555228)

Post correlati

CVE-2025-0698 | JoeyBling bootplus up to 247d5f6c209be1a5cf10cd0fa18e1d8cc63cf55d /admin/sys/menu/list sort/order sql injection

CVE-2025-1357 | Seventh D-Guard up to 20250206 HTTP GET Request path traversal

CVE-2024-6051 | Vercom Redlink SDK up to 1.13 resource injection

CVE-2024-51362 | LSC Smart Connect Indoor IP Camera up to 7.6.32 RTSP Protocol information disclosure