CVE-2025-20657 Information

Description

In vdec there is a possible permission bypass due to improper input validation. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS09486425; Issue ID: MSV-2609.

Reference

https://corp.mediatek.com/product-security-bulletin/April-2025