CVE-2025-20743 - Vulnerability Details

In clkdbg, there is a possible escalation of privilege due to use after free. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10136671; Issue ID: MSV-4651.

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required High

Scope Unchanged

Confidentiality Impact Low

Integrity Impact Low

Availability Impact Low

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.00005.

Exploitation none

Automatable no

Technical Impact partial

Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).

Vendor Product Default status Versions

MediaTek, Inc.

MT2718, MT6761, MT6765, MT6768, MT6781, MT6853, MT6877, MT6886, MT6893, MT6897, MT6899, MT6983, MT6989, MT6991, MT8113, MT8163, MT8168, MT8169, MT8183, MT8186, MT8188, MT8195, MT8196, MT8321, MT8365, MT8385, MT8390, MT8391, MT8512, MT8516, MT8519, MT8676, MT8678, MT8695, MT8696, MT8698, MT8755, MT8766, MT8768, MT8771, MT8775, MT8781, MT8786, MT8788E, MT8791T, MT8792, MT8793, MT8796, MT8797, MT8798, MT8873, MT8883, MT8893

affected

Version	Status	Constraints
`Android 14.0, 15.0, 16.0`	affected	—

Configuration 1 [-]

AND

OR	cpe:2.3:o:google:android:14.0:::::::*
	cpe:2.3:o:google:android:15.0:::::::*
	cpe:2.3:o:google:android:16.0:::::::*

OR	cpe:2.3:h:mediatek:mt2718:-:::::::*
	cpe:2.3:h:mediatek:mt6761:-:::::::*
	cpe:2.3:h:mediatek:mt6765:-:::::::*
	cpe:2.3:h:mediatek:mt6768:-:::::::*
	cpe:2.3:h:mediatek:mt6781:-:::::::*
	cpe:2.3:h:mediatek:mt6853:-:::::::*
	cpe:2.3:h:mediatek:mt6877:-:::::::*
	cpe:2.3:h:mediatek:mt6886:-:::::::*
	cpe:2.3:h:mediatek:mt6893:-:::::::*
	cpe:2.3:h:mediatek:mt6897:-:::::::*
	cpe:2.3:h:mediatek:mt6899:-:::::::*
	cpe:2.3:h:mediatek:mt6983:-:::::::*
	cpe:2.3:h:mediatek:mt6989:-:::::::*
	cpe:2.3:h:mediatek:mt6991:-:::::::*
	cpe:2.3:h:mediatek:mt8113:-:::::::*
	cpe:2.3:h:mediatek:mt8163:-:::::::*
	cpe:2.3:h:mediatek:mt8168:-:::::::*
	cpe:2.3:h:mediatek:mt8169:-:::::::*
	cpe:2.3:h:mediatek:mt8183:-:::::::*
	cpe:2.3:h:mediatek:mt8186:-:::::::*
	cpe:2.3:h:mediatek:mt8188:-:::::::*
	cpe:2.3:h:mediatek:mt8195:-:::::::*
	cpe:2.3:h:mediatek:mt8196:-:::::::*
	cpe:2.3:h:mediatek:mt8321:-:::::::*
	cpe:2.3:h:mediatek:mt8365:-:::::::*
	cpe:2.3:h:mediatek:mt8385:-:::::::*
	cpe:2.3:h:mediatek:mt8390:-:::::::*
	cpe:2.3:h:mediatek:mt8391:-:::::::*
	cpe:2.3:h:mediatek:mt8512:-:::::::*
	cpe:2.3:h:mediatek:mt8516:-:::::::*
	cpe:2.3:h:mediatek:mt8519:-:::::::*
	cpe:2.3:h:mediatek:mt8676:-:::::::*
	cpe:2.3:h:mediatek:mt8678:-:::::::*
	cpe:2.3:h:mediatek:mt8695:-:::::::*
	cpe:2.3:h:mediatek:mt8696:-:::::::*
	cpe:2.3:h:mediatek:mt8698:-:::::::*
	cpe:2.3:h:mediatek:mt8755:-:::::::*
	cpe:2.3:h:mediatek:mt8766:-:::::::*
	cpe:2.3:h:mediatek:mt8768:-:::::::*
	cpe:2.3:h:mediatek:mt8771:-:::::::*
	cpe:2.3:h:mediatek:mt8775:-:::::::*
	cpe:2.3:h:mediatek:mt8781:-:::::::*
	cpe:2.3:h:mediatek:mt8786:-:::::::*
	cpe:2.3:h:mediatek:mt8788e:-:::::::*
	cpe:2.3:h:mediatek:mt8791t:-:::::::*
	cpe:2.3:h:mediatek:mt8792:-:::::::*
	cpe:2.3:h:mediatek:mt8793:-:::::::*
	cpe:2.3:h:mediatek:mt8796:-:::::::*
	cpe:2.3:h:mediatek:mt8797:-:::::::*
	cpe:2.3:h:mediatek:mt8798:-:::::::*
	cpe:2.3:h:mediatek:mt8873:-:::::::*
	cpe:2.3:h:mediatek:mt8883:-:::::::*
	cpe:2.3:h:mediatek:mt8893:-:::::::*

No data.

OpenCVE Enrichment is a feature of OpenCVE that uses AI to automatically link vendors and products to CVEs. Learn more on GitHub.

Vendors	Products
Mediatek Subscribe	Mt2718 Subscribe Mt6761 Subscribe Mt6765 Subscribe Mt6768 Subscribe Mt6781 Subscribe Mt6853 Subscribe Mt6877 Subscribe Mt6886 Subscribe Mt6893 Subscribe Mt6897 Subscribe Mt6899 Subscribe Mt6983 Subscribe Mt6989 Subscribe Mt6991 Subscribe Mt8113 Subscribe Mt8163 Subscribe Mt8168 Subscribe Mt8169 Subscribe Mt8183 Subscribe Mt8186 Subscribe Mt8188 Subscribe Mt8195 Subscribe Mt8196 Subscribe Mt8321 Subscribe Mt8365 Subscribe Mt8385 Subscribe Mt8390 Subscribe Mt8391 Subscribe Mt8512 Subscribe Mt8516 Subscribe Mt8519 Subscribe Mt8676 Subscribe Mt8678 Subscribe Mt8695 Subscribe Mt8696 Subscribe Mt8698 Subscribe Mt8755 Subscribe Mt8766 Subscribe Mt8768 Subscribe Mt8771 Subscribe Mt8775 Subscribe Mt8781 Subscribe Mt8786 Subscribe Mt8788e Subscribe Mt8791t Subscribe Mt8792 Subscribe Mt8793 Subscribe Mt8796 Subscribe Mt8797 Subscribe Mt8798 Subscribe Mt8873 Subscribe Mt8883 Subscribe Mt8893 Subscribe

Project Subscriptions

Vendors	Products
Google Subscribe	Android Subscribe
Mediatek Subscribe	Mt2718 Subscribe Mt6761 Subscribe Mt6765 Subscribe Mt6768 Subscribe Mt6781 Subscribe Mt6853 Subscribe Mt6877 Subscribe Mt6886 Subscribe Mt6893 Subscribe Mt6897 Subscribe Mt6899 Subscribe Mt6983 Subscribe Mt6989 Subscribe Mt6991 Subscribe Mt8113 Subscribe Mt8163 Subscribe Mt8168 Subscribe Mt8169 Subscribe Mt8183 Subscribe Mt8186 Subscribe Mt8188 Subscribe Mt8195 Subscribe Mt8196 Subscribe Mt8321 Subscribe Mt8365 Subscribe Mt8385 Subscribe Mt8390 Subscribe Mt8391 Subscribe Mt8512 Subscribe Mt8516 Subscribe Mt8519 Subscribe Mt8676 Subscribe Mt8678 Subscribe Mt8695 Subscribe Mt8696 Subscribe Mt8698 Subscribe Mt8755 Subscribe Mt8766 Subscribe Mt8768 Subscribe Mt8771 Subscribe Mt8775 Subscribe Mt8781 Subscribe Mt8786 Subscribe Mt8788e Subscribe Mt8791t Subscribe Mt8792 Subscribe Mt8793 Subscribe Mt8796 Subscribe Mt8797 Subscribe Mt8798 Subscribe Mt8873 Subscribe Mt8883 Subscribe Mt8893 Subscribe

Advisories

No advisories yet.

Fixes

Solution

No solution given by the vendor.

Workaround

No workaround given by the vendor.

References

Link	Providers
https://corp.mediatek.com/product-security-bulletin/November-2025

History

Wed, 05 Nov 2025 17:15:00 +0000

Type	Values Removed	Values Added
First Time appeared		Google Google android
CPEs		cpe:2.3:h:mediatek:mt2718:-:::::::* cpe:2.3:h:mediatek:mt6761:-:::::::* cpe:2.3:h:mediatek:mt6765:-:::::::* cpe:2.3:h:mediatek:mt6768:-:::::::* cpe:2.3:h:mediatek:mt6781:-:::::::* cpe:2.3:h:mediatek:mt6853:-:::::::* cpe:2.3:h:mediatek:mt6877:-:::::::* cpe:2.3:h:mediatek:mt6886:-:::::::* cpe:2.3:h:mediatek:mt6893:-:::::::* cpe:2.3:h:mediatek:mt6897:-:::::::* cpe:2.3:h:mediatek:mt6899:-:::::::* cpe:2.3:h:mediatek:mt6983:-:::::::* cpe:2.3:h:mediatek:mt6989:-:::::::* cpe:2.3:h:mediatek:mt6991:-:::::::* cpe:2.3:h:mediatek:mt8113:-:::::::* cpe:2.3:h:mediatek:mt8163:-:::::::* cpe:2.3:h:mediatek:mt8168:-:::::::* cpe:2.3:h:mediatek:mt8169:-:::::::* cpe:2.3:h:mediatek:mt8183:-:::::::* cpe:2.3:h:mediatek:mt8186:-:::::::* cpe:2.3:h:mediatek:mt8188:-:::::::* cpe:2.3:h:mediatek:mt8195:-:::::::* cpe:2.3:h:mediatek:mt8196:-:::::::* cpe:2.3:h:mediatek:mt8321:-:::::::* cpe:2.3:h:mediatek:mt8365:-:::::::* cpe:2.3:h:mediatek:mt8385:-:::::::* cpe:2.3:h:mediatek:mt8390:-:::::::* cpe:2.3:h:mediatek:mt8391:-:::::::* cpe:2.3:h:mediatek:mt8512:-:::::::* cpe:2.3:h:mediatek:mt8516:-:::::::* cpe:2.3:h:mediatek:mt8519:-:::::::* cpe:2.3:h:mediatek:mt8676:-:::::::* cpe:2.3:h:mediatek:mt8678:-:::::::* cpe:2.3:h:mediatek:mt8695:-:::::::* cpe:2.3:h:mediatek:mt8696:-:::::::* cpe:2.3:h:mediatek:mt8698:-:::::::* cpe:2.3:h:mediatek:mt8755:-:::::::* cpe:2.3:h:mediatek:mt8766:-:::::::* cpe:2.3:h:mediatek:mt8768:-:::::::* cpe:2.3:h:mediatek:mt8771:-:::::::* cpe:2.3:h:mediatek:mt8775:-:::::::* cpe:2.3:h:mediatek:mt8781:-:::::::* cpe:2.3:h:mediatek:mt8786:-:::::::* cpe:2.3:h:mediatek:mt8788e:-:::::::* cpe:2.3:h:mediatek:mt8791t:-:::::::* cpe:2.3:h:mediatek:mt8792:-:::::::* cpe:2.3:h:mediatek:mt8793:-:::::::* cpe:2.3:h:mediatek:mt8796:-:::::::* cpe:2.3:h:mediatek:mt8797:-:::::::* cpe:2.3:h:mediatek:mt8798:-:::::::* cpe:2.3:h:mediatek:mt8873:-:::::::* cpe:2.3:h:mediatek:mt8883:-:::::::* cpe:2.3:h:mediatek:mt8893:-:::::::* cpe:2.3:o:google:android:14.0:::::::* cpe:2.3:o:google:android:15.0:::::::* cpe:2.3:o:google:android:16.0:::::::*
Vendors & Products		Google Google android

Tue, 04 Nov 2025 21:15:00 +0000

Type	Values Removed	Values Added
Metrics		cvssV3_1 `{'score': 4.2, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L'}` ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

Tue, 04 Nov 2025 16:45:00 +0000

Type	Values Removed	Values Added
First Time appeared		Mediatek Mediatek mt2718 Mediatek mt6761 Mediatek mt6765 Mediatek mt6768 Mediatek mt6781 Mediatek mt6853 Mediatek mt6877 Mediatek mt6886 Mediatek mt6893 Mediatek mt6897 Mediatek mt6899 Mediatek mt6983 Mediatek mt6989 Mediatek mt6991 Mediatek mt8113 Mediatek mt8163 Mediatek mt8168 Mediatek mt8169 Mediatek mt8183 Mediatek mt8186 Mediatek mt8188 Mediatek mt8195 Mediatek mt8196 Mediatek mt8321 Mediatek mt8365 Mediatek mt8385 Mediatek mt8390 Mediatek mt8391 Mediatek mt8512 Mediatek mt8516 Mediatek mt8519 Mediatek mt8676 Mediatek mt8678 Mediatek mt8695 Mediatek mt8696 Mediatek mt8698 Mediatek mt8755 Mediatek mt8766 Mediatek mt8768 Mediatek mt8771 Mediatek mt8775 Mediatek mt8781 Mediatek mt8786 Mediatek mt8788e Mediatek mt8791t Mediatek mt8792 Mediatek mt8793 Mediatek mt8796 Mediatek mt8797 Mediatek mt8798 Mediatek mt8873 Mediatek mt8883 Mediatek mt8893
Vendors & Products		Mediatek Mediatek mt2718 Mediatek mt6761 Mediatek mt6765 Mediatek mt6768 Mediatek mt6781 Mediatek mt6853 Mediatek mt6877 Mediatek mt6886 Mediatek mt6893 Mediatek mt6897 Mediatek mt6899 Mediatek mt6983 Mediatek mt6989 Mediatek mt6991 Mediatek mt8113 Mediatek mt8163 Mediatek mt8168 Mediatek mt8169 Mediatek mt8183 Mediatek mt8186 Mediatek mt8188 Mediatek mt8195 Mediatek mt8196 Mediatek mt8321 Mediatek mt8365 Mediatek mt8385 Mediatek mt8390 Mediatek mt8391 Mediatek mt8512 Mediatek mt8516 Mediatek mt8519 Mediatek mt8676 Mediatek mt8678 Mediatek mt8695 Mediatek mt8696 Mediatek mt8698 Mediatek mt8755 Mediatek mt8766 Mediatek mt8768 Mediatek mt8771 Mediatek mt8775 Mediatek mt8781 Mediatek mt8786 Mediatek mt8788e Mediatek mt8791t Mediatek mt8792 Mediatek mt8793 Mediatek mt8796 Mediatek mt8797 Mediatek mt8798 Mediatek mt8873 Mediatek mt8883 Mediatek mt8893

Tue, 04 Nov 2025 06:30:00 +0000

Type	Values Removed	Values Added
Description		In clkdbg, there is a possible escalation of privilege due to use after free. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10136671; Issue ID: MSV-4651.
Weaknesses		CWE-416
References		https://corp.mediatek.com/product-security-bulletin/November-2025

Projects

Sign in to view the affected projects.

MITRE

Status: PUBLISHED

Assigner: MediaTek

Published: 2025-11-04T06:19:57.990Z

Updated: 2025-11-05T04:55:44.828Z

Reserved: 2024-11-01T01:21:50.396Z

Link: CVE-2025-20743

Vulnrichment

Updated: 2025-11-04T21:05:32.258Z

NVD

Status : Analyzed

Published: 2025-11-04T07:15:46.333

Modified: 2025-11-05T17:12:09.640

Link: CVE-2025-20743

Redhat

No data.

OpenCVE Enrichment

Updated: 2025-11-04T16:32:51Z

Weaknesses

CWE-416

Attack Vector Local

Attack Complexity Low

Privileges Required High

Scope Unchanged

Confidentiality Impact Low

Integrity Impact Low

Availability Impact Low

User Interaction None

Exploitation none

Automatable no

Technical Impact partial

Project Subscriptions

Projects

JSON object

JSON object

JSON object

JSON object

JSON object