CVE-2025-20902 MEDIUM

CVE-2025-20902

Published February 4, 2025
Last update February 4, 2025

CVSS base score

5.1/10
Attack vector Local
Attack complexity Low
Privileges required None
User interaction None
Confidentiality Low
Integrity Low

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

What the vulnerability does

01Description

Improper access control in Media Controller prior to version 1.0.24.5282 allows local attacker to launch activities in MediaController's privilege.

Key dates

02Disclosure timeline

February 4, 2025 CVE published
February 4, 2025 Record updated