Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools

mt6768

Source -

ADPNVD

CNA CVEs -

0

ADP CVEs -

81

CISA CVEs -

0

NVD CVEs -

455
Related CVEsRelated VendorsRelated AssignersReports
457Vulnerabilities found

CVE-2026-20454
Assigner-MediaTek, Inc.
ShareView Details
Assigner-MediaTek, Inc.
CVSS Score-6.4||MEDIUM
EPSS-0.08% / 0.17%
||
7 Day CHG~0.00%
Published-01 Jun, 2026 | 03:20
Updated-02 Jun, 2026 | 03:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In geniezone, there is a possible out of bounds write due to a race condition. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10873936; Issue ID: MSV-6786.

Action-Not Available
Vendor-MediaTek Inc.
Product-mt6889_firmwaremt8765_firmwaremt6985mt6991_firmwaremt6739mt8673_firmwaremt8788mt8788_firmwaremt6886mt6761mt8798_firmwaremt6855_firmwaremt6885mt6781_firmwaremt6768mt6878mt8673mt6835_firmwaremt6893_firmwaremt6853_firmwaremt6983_firmwaremt8766_firmwaremt6885_firmwaremt6878_firmwaremt6983mt6897mt6883_firmwaremt6883mt6877mt6991mt6895mt6781mt8781mt6897_firmwaremt6989mt6765_firmwaremt8791tmt6789mt6879_firmwaremt6889mt8765mt6765mt8768_firmwaremt6768_firmwaremt6886_firmwaremt8781_firmwaremt6893mt6985_firmwaremt8768mt6899_firmwaremt6739_firmwaremt8798mt6761_firmwaremt8766mt8910_firmwaremt8786_firmwaremt8786mt8793mt6855mt6989_firmwaremt6853mt6877_firmwaremt8793_firmwaremt6835mt6789_firmwaremt8797_firmwaremt8797mt6895_firmwaremt8910mt6879mt6899mt8791t_firmwareMediaTek chipset
CWE ID-CWE-367
Time-of-check Time-of-use (TOCTOU) Race Condition
CVE-2026-20453
Assigner-MediaTek, Inc.
ShareView Details
Assigner-MediaTek, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.11% / 1.75%
||
7 Day CHG~0.00%
Published-01 Jun, 2026 | 03:20
Updated-02 Jun, 2026 | 03:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In geniezone, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10886526; Issue ID: MSV-6791.

Action-Not Available
Vendor-MediaTek Inc.
Product-mt6889_firmwaremt8765_firmwaremt6985mt6991_firmwaremt6739mt8673_firmwaremt8788mt8788_firmwaremt6886mt6761mt8798_firmwaremt6855_firmwaremt6885mt6781_firmwaremt6768mt6878mt8673mt6835_firmwaremt6893_firmwaremt6853_firmwaremt6983_firmwaremt8766_firmwaremt6885_firmwaremt6878_firmwaremt6983mt6897mt6883_firmwaremt6883mt6877mt6991mt6895mt6781mt8781mt6897_firmwaremt6989mt6765_firmwaremt8791tmt6789mt6879_firmwaremt6889mt8765mt6765mt8768_firmwaremt6768_firmwaremt6886_firmwaremt8781_firmwaremt6893mt6985_firmwaremt8768mt6899_firmwaremt6739_firmwaremt8798mt6761_firmwaremt8766mt8910_firmwaremt8786_firmwaremt8786mt8793mt6855mt6989_firmwaremt6853mt6877_firmwaremt8793_firmwaremt6835mt6789_firmwaremt8797_firmwaremt8797mt6895_firmwaremt8910mt6879mt6899mt8791t_firmwareMediaTek chipset
CWE ID-CWE-787
Out-of-bounds Write
CVE-2026-20449
Assigner-MediaTek, Inc.
ShareView Details
Assigner-MediaTek, Inc.
CVSS Score-6.5||MEDIUM
EPSS-0.22% / 13.02%
||
7 Day CHG~0.00%
Published-04 May, 2026 | 05:41
Updated-07 May, 2026 | 12:43
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Modem, there is a possible system crash due to a heap buffer overflow. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01760138; Issue ID: MSV-6148.

Action-Not Available
Vendor-MediaTek Inc.
Product-mt8668mt6779mt6991_firmwaremt2737_firmwaremt8791mt8798_firmwaremt6875_firmwaremt6771mt6990_firmwaremt6768_firmwaremt8771mt6815_firmwaremt8755mt6765mt6890mt8863_firmwaremt6986dmt6895_firmwaremt6833mt2735mt8668_firmwaremt8675mt6877_firmwaremt6767mt6988_firmwaremt6893mt6885mt8793mt8883mt6877mt8791t_firmwaremt6815mt6886mt8883_firmwaremt6875mt6897mt6990mt8873_firmwaremt6896mt6889_firmwaremt6767_firmwaremt6858_firmwaremt8775_firmwaremt6781mt6813mt8863mt6813_firmwaremt6769mt6873_firmwaremt8673_firmwaremt6880_firmwaremt8792_firmwaremt6855_firmwaremt6789_firmwaremt6899_firmwaremt6991mt6897_firmwaremt6880mt6739_firmwaremt6985mt6785_firmwaremt6783_firmwaremt6835mt6761mt6889mt8791_firmwaremt2737mt8797mt8771_firmwaremt6989_firmwaremt6761_firmwaremt6789mt8795t_firmwaremt6891_firmwaremt6883mt6858mt8798mt6853_firmwaremt8893_firmwaremt6833_firmwaremt6769_firmwaremt6890_firmwaremt8793_firmwaremt6899mt6988mt6879mt6983mt8775mt6855mt2735_firmwaremt6853mt6895mt6893_firmwaremt8792mt6879_firmwaremt6986d_firmwaremt6891mt6783mt8755_firmwaremt6765_firmwaremt6763mt6980_firmwaremt8676mt6768mt6883_firmwaremt6985_firmwaremt6762_firmwaremt8676_firmwaremt8675_firmwaremt6781_firmwaremt8795tmt6873mt8673mt6739mt6878mt6771_firmwaremt8893mt6763_firmwaremt6878_firmwaremt8797_firmwaremt8873mt8678_firmwaremt6762mt6989mt6993_firmwaremt6885_firmwaremt6835_firmwaremt6980mt6886_firmwaremt6896_firmwaremt6993mt8678mt8791tmt6785mt6779_firmwaremt6983_firmwareMediaTek chipset
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2026-20448
Assigner-MediaTek, Inc.
ShareView Details
Assigner-MediaTek, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.15% / 4.30%
||
7 Day CHG~0.00%
Published-04 May, 2026 | 05:41
Updated-07 May, 2026 | 12:43
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In geniezone, there is a possible escalation of privilege due to a missing permission check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10708513; Issue ID: MSV-6281.

Action-Not Available
Vendor-MediaTek Inc.
Product-mt8796mt6897mt8781_firmwaremt6991_firmwaremt6989_firmwaremt8766mt6789mt6765_firmwaremt8768_firmwaremt8796_firmwaremt6768mt6768_firmwaremt8768mt8766_firmwaremt8775_firmwaremt8910_firmwaremt8893_firmwaremt8786_firmwaremt8786mt8793_firmwaremt6899mt8788e_firmwaremt8781mt8792_firmwaremt8893mt6765mt6789_firmwaremt6899_firmwaremt6991mt8775mt6897_firmwaremt8788emt8910mt6989mt6993_firmwaremt6877_firmwaremt8792mt6993mt8367_firmwaremt8791tmt8793mt6877mt8367mt8791t_firmwareMediaTek chipset
CWE ID-CWE-280
Improper Handling of Insufficient Permissions or Privileges
CVE-2026-20447
Assigner-MediaTek, Inc.
ShareView Details
Assigner-MediaTek, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.11% / 1.80%
||
7 Day CHG~0.00%
Published-04 May, 2026 | 05:41
Updated-07 May, 2026 | 12:43
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In geniezone, there is a possible escalation of privilege due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10724073; Issue ID: MSV-6296.

Action-Not Available
Vendor-MediaTek Inc.
Product-mt8196_firmwaremt8781_firmwaremt6991_firmwaremt6989_firmwaremt8766mt6789mt8768_firmwaremt6768mt6768_firmwaremt8768mt8766_firmwaremt8910_firmwaremt8786_firmwaremt8786mt8793_firmwaremt6899mt8196mt8788e_firmwaremt8781mt6789_firmwaremt6899_firmwaremt6991mt8788emt8910mt6989mt6993_firmwaremt6877_firmwaremt6993mt8367_firmwaremt8791tmt8793mt6877mt8367mt8791t_firmwareMediaTek chipset
CWE ID-CWE-125
Out-of-bounds Read
CVE-2026-20429
Assigner-MediaTek, Inc.
ShareView Details
Assigner-MediaTek, Inc.
CVSS Score-4.4||MEDIUM
EPSS-0.07% / 0.09%
||
7 Day CHG~0.00%
Published-02 Mar, 2026 | 08:39
Updated-30 Mar, 2026 | 13:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In display, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10320471; Issue ID: MSV-5535.

Action-Not Available
Vendor-Google LLCMediaTek Inc.
Product-mt6739mt6893mt8793mt6993mt6878mt6853mt6897mt6879androidmt6855mt6885mt6889mt6765mt8678mt6895mt6761mt6768mt6789mt6781mt6886mt6983mt6899mt6883mt6877mt6985mt8196mt6833mt6989mt6835mt6991MediaTek chipset
CWE ID-CWE-125
Out-of-bounds Read
CVE-2026-20444
Assigner-MediaTek, Inc.
ShareView Details
Assigner-MediaTek, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.08% / 0.15%
||
7 Day CHG~0.00%
Published-02 Mar, 2026 | 08:39
Updated-30 Mar, 2026 | 13:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In display, there is a possible memory corruption due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10436995; Issue ID: MSV-5721.

Action-Not Available
Vendor-Google LLCMediaTek Inc.
Product-mt6739mt6893mt6878mt6853mt8186mt6897mt6879androidmt8673mt6855mt6889mt6765mt8795tmt6761mt6768mt8883mt6789mt6886mt6983mt8768mt8766mt6899mt6877mt8798mt6985mt6833mt8667mt6835mt6781mt6991mt8793mt8771mt8796mt8873mt6885mt8678mt6895mt8676mt8765mt8781mt6883mt8196mt8791tmt6989mt8188mt6993mt8792MediaTek chipset
CWE ID-CWE-787
Out-of-bounds Write
CVE-2026-20443
Assigner-MediaTek, Inc.
ShareView Details
Assigner-MediaTek, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.08% / 0.15%
||
7 Day CHG~0.00%
Published-02 Mar, 2026 | 08:39
Updated-30 Mar, 2026 | 13:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In display, there is a possible memory corruption due to use after free. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10436998; Issue ID: MSV-5722.

Action-Not Available
Vendor-Google LLCMediaTek Inc.
Product-mt6739mt6893mt6878mt6853mt8186mt6897mt6879androidmt8673mt6855mt6889mt6765mt8795tmt6761mt6768mt8883mt6789mt6886mt6983mt8768mt8766mt6899mt6877mt8798mt6985mt6833mt8667mt6835mt6781mt6991mt8793mt8771mt8796mt8873mt6885mt8678mt6895mt8676mt8765mt8781mt6883mt8196mt8791tmt6989mt8188mt6993mt8792MediaTek chipset
CWE ID-CWE-416
Use After Free
CVE-2026-20442
Assigner-MediaTek, Inc.
ShareView Details
Assigner-MediaTek, Inc.
CVSS Score-4.4||MEDIUM
EPSS-0.07% / 0.05%
||
7 Day CHG~0.00%
Published-02 Mar, 2026 | 08:39
Updated-30 Mar, 2026 | 13:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In display, there is a possible system crash due to use after free. This could lead to local denial of service if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10436998; Issue ID: MSV-5723.

Action-Not Available
Vendor-Google LLCMediaTek Inc.
Product-mt6739mt6893mt6878mt6853mt8186mt6897mt6879androidmt8673mt6855mt6889mt6765mt8795tmt6761mt6768mt8883mt6789mt6886mt6983mt8768mt8766mt6899mt6877mt8798mt6985mt6833mt8667mt6835mt6781mt6991mt8793mt8771mt8796mt8873mt6885mt8678mt6895mt8676mt8765mt8781mt6883mt8196mt8791tmt6989mt8188mt6993mt8792MediaTek chipset
CWE ID-CWE-416
Use After Free
CVE-2026-20435
Assigner-MediaTek, Inc.
ShareView Details
Assigner-MediaTek, Inc.
CVSS Score-4.6||MEDIUM
EPSS-0.11% / 1.84%
||
7 Day CHG~0.00%
Published-02 Mar, 2026 | 08:39
Updated-30 Mar, 2026 | 13:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In preloader, there is a possible read of device unique identifiers due to a logic error. This could lead to local information disclosure, if an attacker has physical access to the device, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS10607099; Issue ID: MSV-6118.

Action-Not Available
Vendor-rdkcentralOpenWrtGoogle LLCMediaTek Inc.Zephyr ProjectThe Linux Foundation
Product-mt6739mt6893mt6878yoctomt6853mt8186mt6897mt6879rdk-bandroidmt6855mt8169mt6765zephyrmt6761mt6768mt6789mt6886mt6983mt6877mt6985mt8696mt6833mt6781mt2737mt8793mt6813openwrtmt6885mt8678mt6895mt8676mt6890mt6990mt6989mt8188mt6880mt6993mt8370mt8390MediaTek chipset
CWE ID-CWE-522
Insufficiently Protected Credentials
CVE-2026-20434
Assigner-MediaTek, Inc.
ShareView Details
Assigner-MediaTek, Inc.
CVSS Score-7.5||HIGH
EPSS-0.22% / 12.32%
||
7 Day CHG~0.00%
Published-02 Mar, 2026 | 08:39
Updated-30 Mar, 2026 | 13:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Modem, there is a possible out of bounds write due to a missing bounds check. This could lead to remote escalation of privilege, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: MOLY00782946; Issue ID: MSV-4135.

Action-Not Available
Vendor-MediaTek Inc.
Product-mt6739mt6893mt6980mt6878mt6853mt6897mt8668mt6879mt8673mt6855mt8766rmt6769smt6762mt6761mt6768mt6765tmt8666mt8768mt8766mt8755mt8798mt6985mt6769zmt6781mt6783mt8793mt8771mt6833plr12anr17mt6855tmt8797mt6767mt6885mt6771mt8678mt6877ttmt8676mt6990mt8765mt6896mt6883mt6785mt8791tmt6779mt6763mt8791mt2735mt6853tmt6762mmt6785umt6835tmt6875mt8863mt6889mt8789mt6765mt6878mmt8795tmt6891mt8883mt6985tmt6789mt6877tmt6886mt6983mt6899mt6877mt6769mt6769tmt6833mt8667mt6835mt2737mt6991mt6989tmt8873mt8675mt8893mt6873mt6785tmt6983tmt6895ttmt6895lr13mt6890mt8781mt6875tmt8786mt6762dmt6980dmt6769knr15mt6989mt6880mt8788mt8788enr16mt8792MediaTek chipset
CWE ID-CWE-787
Out-of-bounds Write
CVE-2026-20428
Assigner-MediaTek, Inc.
ShareView Details
Assigner-MediaTek, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.08% / 0.15%
||
7 Day CHG~0.00%
Published-02 Mar, 2026 | 08:39
Updated-30 Mar, 2026 | 13:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In display, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10320471; Issue ID: MSV-5536.

Action-Not Available
Vendor-Google LLCMediaTek Inc.
Product-mt6739mt6893mt8793mt6993mt6878mt6853mt6897mt6879androidmt6855mt6885mt6889mt6765mt8678mt6895mt6761mt6768mt6789mt6781mt6886mt6983mt6899mt6883mt6877mt6985mt8196mt6833mt6989mt6835mt6991MediaTek chipset
CWE ID-CWE-787
Out-of-bounds Write
CVE-2026-20427
Assigner-MediaTek, Inc.
ShareView Details
Assigner-MediaTek, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.08% / 0.15%
||
7 Day CHG~0.00%
Published-02 Mar, 2026 | 08:39
Updated-30 Mar, 2026 | 13:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In display, there is a possible escalation of privilege due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10320471; Issue ID: MSV-5537.

Action-Not Available
Vendor-Google LLCMediaTek Inc.
Product-mt6739mt6893mt8793mt6993mt6878mt6853mt6897mt6879androidmt6855mt6885mt6889mt6765mt8678mt6895mt6761mt6768mt6789mt6781mt6886mt6983mt6899mt6883mt6877mt6985mt8196mt6833mt6989mt6835mt6991MediaTek chipset
CWE ID-CWE-787
Out-of-bounds Write
CVE-2026-20426
Assigner-MediaTek, Inc.
ShareView Details
Assigner-MediaTek, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.08% / 0.15%
||
7 Day CHG~0.00%
Published-02 Mar, 2026 | 08:39
Updated-30 Mar, 2026 | 13:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In display, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10320471; Issue ID: MSV-5538.

Action-Not Available
Vendor-Google LLCMediaTek Inc.
Product-mt6739mt6893mt8793mt6993mt6878mt6853mt6897mt6879androidmt6855mt6885mt6889mt6765mt8678mt6895mt6761mt6768mt6789mt6781mt6886mt6983mt6899mt6883mt6877mt6985mt8196mt6833mt6989mt6835mt6991MediaTek chipset
CWE ID-CWE-787
Out-of-bounds Write
CVE-2026-20425
Assigner-MediaTek, Inc.
ShareView Details
Assigner-MediaTek, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.08% / 0.15%
||
7 Day CHG~0.00%
Published-02 Mar, 2026 | 08:38
Updated-30 Mar, 2026 | 13:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In display, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10320471; Issue ID: MSV-5539.

Action-Not Available
Vendor-Google LLCMediaTek Inc.
Product-mt6739mt6893mt8793mt6993mt6878mt6853mt6897mt6879androidmt6855mt6885mt6889mt6765mt8678mt6895mt6761mt6768mt6789mt6781mt6886mt6983mt6899mt6883mt6877mt6985mt8196mt6833mt6989mt6835mt6991MediaTek chipset
CWE ID-CWE-787
Out-of-bounds Write
CVE-2025-20787
Assigner-MediaTek, Inc.
ShareView Details
Assigner-MediaTek, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.07% / 0.07%
||
7 Day CHG~0.00%
Published-06 Jan, 2026 | 01:47
Updated-30 Mar, 2026 | 13:04
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In display, there is a possible memory corruption due to use after free. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10149879; Issue ID: MSV-4658.

Action-Not Available
Vendor-Google LLCMediaTek Inc.
Product-mt6833mt6886mt6765mt6789mt6739mt8676androidmt6879mt6761mt6855mt6989mt6991mt8796mt6893mt6895mt6835mt6897mt6985mt6899mt8678mt2718mt6853mt8196mt6889mt6877mt6883mt6885mt6983mt6878mt6768mt6781MediaTek chipset
CWE ID-CWE-416
Use After Free
CVE-2025-20786
Assigner-MediaTek, Inc.
ShareView Details
Assigner-MediaTek, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.07% / 0.07%
||
7 Day CHG~0.00%
Published-06 Jan, 2026 | 01:47
Updated-30 Mar, 2026 | 13:04
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In display, there is a possible memory corruption due to use after free. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10149882; Issue ID: MSV-4673.

Action-Not Available
Vendor-Google LLCMediaTek Inc.
Product-mt6768mt6983mt8673mt6895mt6765mt8791tmt8676mt8798mt8186mt6897mt6789mt8196mt8771mt6833mt8781mt6889mt8765mt8795tmt6835mt8667mt6886mt6878mt6885mt8793mt8796mt8768mt6991mt8188mt6989mt6883mt6899mt6893mt8883mt6853mt8792mt8873mt8766mt6761mt8678androidmt6781mt6985mt6739mt6855mt6877mt6879MediaTek chipset
CWE ID-CWE-415
Double Free
CWE ID-CWE-416
Use After Free
CVE-2025-20785
Assigner-MediaTek, Inc.
ShareView Details
Assigner-MediaTek, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.07% / 0.07%
||
7 Day CHG~0.00%
Published-06 Jan, 2026 | 01:47
Updated-30 Mar, 2026 | 13:04
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In display, there is a possible memory corruption due to use after free. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10149882; Issue ID: MSV-4677.

Action-Not Available
Vendor-Google LLCMediaTek Inc.
Product-mt6833mt6886mt6765mt8795tandroidmt6879mt6989mt6991mt6893mt6895mt6835mt6897mt6985mt6899mt8678mt8196mt6877mt8768mt6983mt8792mt8793mt8667mt6878mt6768mt8796mt8798mt6789mt6739mt8676mt8771mt6761mt6855mt8766mt6853mt6889mt8186mt8188mt6883mt8765mt8791tmt8873mt6885mt8673mt8883mt6781mt8781MediaTek chipset
CWE ID-CWE-416
Use After Free
CVE-2025-20784
Assigner-MediaTek, Inc.
ShareView Details
Assigner-MediaTek, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.07% / 0.07%
||
7 Day CHG~0.00%
Published-06 Jan, 2026 | 01:47
Updated-30 Mar, 2026 | 13:04
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In display, there is a possible memory corruption due to uninitialized data. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10182882; Issue ID: MSV-4683.

Action-Not Available
Vendor-Google LLCMediaTek Inc.
Product-mt6833mt6886mt6765mt8795tandroidmt6879mt6989mt6991mt6893mt6895mt6835mt6897mt6985mt6899mt8678mt8196mt6877mt8768mt6983mt8792mt8793mt8667mt6878mt6768mt8796mt8798mt6789mt6739mt8676mt8771mt6761mt6855mt8766mt6853mt6889mt8186mt8188mt6883mt8765mt8791tmt8873mt6885mt8673mt8883mt6781mt8781MediaTek chipset
CWE ID-CWE-457
Use of Uninitialized Variable
CVE-2025-20783
Assigner-MediaTek, Inc.
ShareView Details
Assigner-MediaTek, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.07% / 0.07%
||
7 Day CHG~0.00%
Published-06 Jan, 2026 | 01:47
Updated-30 Mar, 2026 | 13:04
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In display, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10182882; Issue ID: MSV-4684.

Action-Not Available
Vendor-Google LLCMediaTek Inc.
Product-mt6833mt6886mt6765mt8795tandroidmt6879mt6989mt6991mt6893mt6895mt6835mt6897mt6985mt6899mt8678mt8196mt6877mt8768mt6983mt8792mt8793mt8667mt6878mt6768mt8796mt8798mt6789mt6739mt8676mt8771mt6761mt6855mt8766mt6853mt6889mt8186mt8188mt6883mt8765mt8791tmt8873mt6885mt8673mt8883mt6781mt8781MediaTek chipset
CWE ID-CWE-787
Out-of-bounds Write
CVE-2025-20782
Assigner-MediaTek, Inc.
ShareView Details
Assigner-MediaTek, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.08% / 0.22%
||
7 Day CHG~0.00%
Published-06 Jan, 2026 | 01:46
Updated-30 Mar, 2026 | 13:04
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In display, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10182882; Issue ID: MSV-4685.

Action-Not Available
Vendor-Google LLCMediaTek Inc.
Product-mt6833mt6886mt6765mt8795tandroidmt6879mt6989mt6991mt6893mt6895mt6835mt6897mt6985mt6899mt8678mt8196mt6877mt8768mt6983mt8792mt8793mt8667mt6878mt6768mt8796mt8798mt6789mt6739mt8676mt8771mt6761mt6855mt8766mt6853mt6889mt8186mt8188mt6883mt8765mt8791tmt8873mt6885mt8673mt8883mt6781mt8781MediaTek chipset
CWE ID-CWE-787
Out-of-bounds Write
CVE-2025-20781
Assigner-MediaTek, Inc.
ShareView Details
Assigner-MediaTek, Inc.
CVSS Score-7.8||HIGH
EPSS-0.07% / 0.06%
||
7 Day CHG~0.00%
Published-06 Jan, 2026 | 01:46
Updated-30 Mar, 2026 | 13:04
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In display, there is a possible memory corruption due to use after free. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10182914; Issue ID: MSV-4699.

Action-Not Available
Vendor-Google LLCMediaTek Inc.
Product-mt6768mt6983mt8673mt6895mt6765mt8791tmt8676mt8798mt8186mt6897mt6789mt8196mt8771mt6833mt8781mt6889mt8765mt8795tmt6835mt8667mt6886mt6878mt6885mt8793mt8796mt8768mt6991mt8188mt6989mt6883mt6899mt6893mt8883mt6853mt8792mt8873mt8766mt6761mt8678androidmt6781mt6985mt6739mt6855mt6877mt6879MediaTek chipset
CWE ID-CWE-415
Double Free
CWE ID-CWE-416
Use After Free
CVE-2025-20780
Assigner-MediaTek, Inc.
ShareView Details
Assigner-MediaTek, Inc.
CVSS Score-7.8||HIGH
EPSS-0.08% / 0.27%
||
7 Day CHG~0.00%
Published-06 Jan, 2026 | 01:46
Updated-30 Mar, 2026 | 13:04
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In display, there is a possible memory corruption due to use after free. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10184061; Issue ID: MSV-4712.

Action-Not Available
Vendor-Google LLCMediaTek Inc.
Product-mt6833mt6886mt6765mt8795tandroidmt6879mt6989mt6991mt6893mt6895mt6835mt6897mt6985mt6899mt8678mt8196mt6877mt8768mt6983mt8792mt8793mt8667mt6878mt6768mt8796mt8798mt6789mt6739mt8676mt8771mt6761mt6855mt8766mt6853mt6889mt8186mt8188mt6883mt8765mt8791tmt8873mt6885mt8673mt8883mt6781mt8781MediaTek chipset
CWE ID-CWE-416
Use After Free
CVE-2025-20779
Assigner-MediaTek, Inc.
ShareView Details
Assigner-MediaTek, Inc.
CVSS Score-7||HIGH
EPSS-0.07% / 0.10%
||
7 Day CHG~0.00%
Published-06 Jan, 2026 | 01:46
Updated-30 Mar, 2026 | 13:04
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In display, there is a possible use after free due to a race condition. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10184084; Issue ID: MSV-4720.

Action-Not Available
Vendor-Google LLCMediaTek Inc.
Product-mt6833mt6886mt6765mt8795tandroidmt6879mt6989mt6991mt6893mt6895mt6835mt6897mt6985mt6899mt8678mt8196mt6877mt8768mt6983mt8792mt8793mt8667mt6878mt6768mt8796mt8798mt6789mt6739mt8676mt8771mt6761mt6855mt8766mt6853mt6889mt8186mt8188mt6883mt8765mt8791tmt8873mt6885mt8673mt8883mt6781mt8781MediaTek chipset
CWE ID-CWE-416
Use After Free
CVE-2025-20778
Assigner-MediaTek, Inc.
ShareView Details
Assigner-MediaTek, Inc.
CVSS Score-7.8||HIGH
EPSS-0.07% / 0.11%
||
7 Day CHG~0.00%
Published-06 Jan, 2026 | 01:46
Updated-30 Mar, 2026 | 13:04
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In display, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10184870; Issue ID: MSV-4729.

Action-Not Available
Vendor-Google LLCMediaTek Inc.
Product-mt6833mt6886mt6765mt8795tandroidmt6879mt6989mt6991mt6893mt6895mt6835mt6897mt6985mt6899mt8678mt8196mt6877mt8768mt6983mt8792mt8793mt8667mt6878mt6768mt8796mt8798mt6789mt6739mt8676mt8771mt6761mt6855mt8766mt6853mt6889mt8186mt8188mt6883mt8765mt8791tmt8873mt6885mt8673mt8883mt6781mt8781MediaTek chipset
CWE ID-CWE-787
Out-of-bounds Write
CVE-2025-20798
Assigner-MediaTek, Inc.
ShareView Details
Assigner-MediaTek, Inc.
CVSS Score-7.8||HIGH
EPSS-0.08% / 0.19%
||
7 Day CHG~0.00%
Published-06 Jan, 2026 | 01:46
Updated-30 Mar, 2026 | 13:04
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In battery, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10315812; Issue ID: MSV-5533.

Action-Not Available
Vendor-Google LLCMediaTek Inc.
Product-mt6833mt6765mt8367androidmt6879mt6991mt6989mt6893mt6985mt6835mt8678mt8196mt6877mt8768mt8792mt8793mt8788emt8796mt6768mt8676mt8391mt6855mt2718mt6853mt8766mt8186mt8188mt8696mt8893mt8873mt8791tmt8883mt8786mt6781mt8781MediaTek chipset
CWE ID-CWE-787
Out-of-bounds Write
CVE-2025-20797
Assigner-MediaTek, Inc.
ShareView Details
Assigner-MediaTek, Inc.
CVSS Score-7.8||HIGH
EPSS-0.08% / 0.19%
||
7 Day CHG~0.00%
Published-06 Jan, 2026 | 01:46
Updated-30 Mar, 2026 | 13:04
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In battery, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10315812; Issue ID: MSV-5534.

Action-Not Available
Vendor-Google LLCMediaTek Inc.
Product-mt6833mt6765mt8367androidmt6879mt6991mt6989mt6893mt6985mt6835mt8678mt8196mt6877mt8768mt8792mt8793mt8788emt8796mt6768mt8676mt8391mt6855mt2718mt6853mt8766mt8186mt8188mt8696mt8893mt8873mt8791tmt8883mt8786mt6781mt8781MediaTek chipset
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2025-20795
Assigner-MediaTek, Inc.
ShareView Details
Assigner-MediaTek, Inc.
CVSS Score-7.8||HIGH
EPSS-0.08% / 0.14%
||
7 Day CHG~0.00%
Published-06 Jan, 2026 | 01:46
Updated-30 Mar, 2026 | 13:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In KeyInstall, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10276761; Issue ID: MSV-5141.

Action-Not Available
Vendor-Google LLCMediaTek Inc.
Product-mt6833mt6886mt6765mt6873mt6580androidmt8395mt6879mt6989mt6991mt8755mt6893mt6895mt6835mt6897mt6985mt6899mt8678mt8196mt6877mt8370mt8195mt8768mt6983mt8792mt8793mt8788emt6878mt6768mt8796mt6789mt6739mt8390mt8391mt8676mt6785mt6761mt6855mt2718mt6853mt8766mt6889mt8186mt8188mt8696mt6883mt8893mt8873mt8791tmt6885mt8883mt6779mt8786mt6781mt8781MediaTek chipset
CWE ID-CWE-787
Out-of-bounds Write
CVE-2025-20777
Assigner-MediaTek, Inc.
ShareView Details
Assigner-MediaTek, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.07% / 0.10%
||
7 Day CHG~0.00%
Published-02 Dec, 2025 | 02:34
Updated-26 Feb, 2026 | 16:57
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In display, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10184870; Issue ID: MSV-4752.

Action-Not Available
Vendor-MediaTek Inc.Google LLC
Product-mt8768mt6789mt8792mt6989mt8188mt8766mt8873mt8798mt8196mt6833mt8765mt8771mt6739mt6983mt8793mt6895mt8796mt6889mt8186mt8678mt6897mt8667mt8673mt6765mt6883mt6886mt6781mt6835mt6761mt6885mt6991mt8795tmt8781mt6893mt8676mt6855mt6768mt6877mt6899mt6879mt6878mt8791tmt8883androidmt6985mt6853MT6739, MT6761, MT6765, MT6768, MT6781, MT6789, MT6833, MT6835, MT6853, MT6855, MT6877, MT6878, MT6879, MT6883, MT6885, MT6886, MT6889, MT6893, MT6895, MT6897, MT6899, MT6983, MT6985, MT6989, MT6991, MT8186, MT8188, MT8196, MT8667, MT8673, MT8676, MT8678, MT8765, MT8766, MT8768, MT8771, MT8781, MT8791T, MT8792, MT8793, MT8795T, MT8796, MT8798, MT8873, MT8883
CWE ID-CWE-787
Out-of-bounds Write
CVE-2025-20776
Assigner-MediaTek, Inc.
ShareView Details
Assigner-MediaTek, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.07% / 0.10%
||
7 Day CHG~0.00%
Published-02 Dec, 2025 | 02:34
Updated-26 Feb, 2026 | 16:57
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In display, there is a possible out of bounds read due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10184297; Issue ID: MSV-4759.

Action-Not Available
Vendor-MediaTek Inc.Google LLC
Product-mt8768mt6789mt8792mt6989mt8188mt8766mt8873mt8798mt8196mt6833mt8765mt8771mt6739mt6983mt8793mt6895mt8796mt6889mt8186mt8678mt6897mt8667mt8673mt6765mt6883mt6886mt6781mt6835mt6761mt6885mt6991mt8795tmt8781mt6893mt8676mt6855mt6768mt6877mt6899mt6879mt6878mt8791tmt8883androidmt6985mt6853MT6739, MT6761, MT6765, MT6768, MT6781, MT6789, MT6833, MT6835, MT6853, MT6855, MT6877, MT6878, MT6879, MT6883, MT6885, MT6886, MT6889, MT6893, MT6895, MT6897, MT6899, MT6983, MT6985, MT6989, MT6991, MT8186, MT8188, MT8196, MT8667, MT8673, MT8676, MT8678, MT8765, MT8766, MT8768, MT8771, MT8781, MT8791T, MT8792, MT8793, MT8795T, MT8796, MT8798, MT8873, MT8883
CWE ID-CWE-125
Out-of-bounds Read
CVE-2025-20775
Assigner-MediaTek, Inc.
ShareView Details
Assigner-MediaTek, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.07% / 0.10%
||
7 Day CHG~0.00%
Published-02 Dec, 2025 | 02:34
Updated-26 Feb, 2026 | 16:57
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In display, there is a possible memory corruption due to use after free. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10182914; Issue ID: MSV-4795.

Action-Not Available
Vendor-MediaTek Inc.Google LLC
Product-mt6833mt6886mt6765mt8795tandroidmt6879mt6989mt6991mt6893mt6895mt6835mt6897mt6985mt6899mt8678mt8196mt6877mt8768mt6983mt8792mt8793mt8667mt6878mt6768mt8796mt8798mt6789mt6739mt8676mt8771mt6761mt6855mt8766mt6853mt6889mt8186mt8188mt6883mt8765mt8791tmt8873mt6885mt8673mt8883mt6781mt8781MT6739, MT6761, MT6765, MT6768, MT6781, MT6789, MT6833, MT6835, MT6853, MT6855, MT6877, MT6878, MT6879, MT6883, MT6885, MT6886, MT6889, MT6893, MT6895, MT6897, MT6899, MT6983, MT6985, MT6989, MT6991, MT8186, MT8188, MT8196, MT8667, MT8673, MT8676, MT8678, MT8765, MT8766, MT8768, MT8771, MT8781, MT8791T, MT8792, MT8793, MT8795T, MT8796, MT8798, MT8873, MT8883
CWE ID-CWE-416
Use After Free
CVE-2025-20774
Assigner-MediaTek, Inc.
ShareView Details
Assigner-MediaTek, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.07% / 0.10%
||
7 Day CHG~0.00%
Published-02 Dec, 2025 | 02:34
Updated-26 Feb, 2026 | 16:57
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In display, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10196993; Issue ID: MSV-4796.

Action-Not Available
Vendor-MediaTek Inc.Google LLC
Product-mt6789mt8792mt6989mt8196mt6833mt6739mt6983mt8793mt6895mt6889mt8678mt6897mt6765mt6883mt6886mt6781mt6835mt6761mt6885mt6991mt6893mt2718mt6855mt6768mt6877mt8676mt6899mt6879mt6878androidmt6985mt6853MT2718, MT6739, MT6761, MT6765, MT6768, MT6781, MT6789, MT6833, MT6835, MT6853, MT6855, MT6877, MT6878, MT6879, MT6883, MT6885, MT6886, MT6889, MT6893, MT6895, MT6897, MT6899, MT6983, MT6985, MT6989, MT6991, MT8196, MT8676, MT8678, MT8792, MT8793
CWE ID-CWE-122
Heap-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2025-20773
Assigner-MediaTek, Inc.
ShareView Details
Assigner-MediaTek, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.07% / 0.10%
||
7 Day CHG~0.00%
Published-02 Dec, 2025 | 02:34
Updated-26 Feb, 2026 | 16:57
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In display, there is a possible memory corruption due to use after free. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10196993; Issue ID: MSV-4797.

Action-Not Available
Vendor-MediaTek Inc.Google LLC
Product-mt6833mt6886mt6765androidmt6879mt6989mt6991mt6893mt6895mt6835mt6897mt6985mt6899mt8678mt8196mt6877mt6983mt8792mt8793mt6878mt6768mt6789mt6739mt8676mt6761mt6855mt2718mt6853mt6889mt6883mt6885mt6781MT2718, MT6739, MT6761, MT6765, MT6768, MT6781, MT6789, MT6833, MT6835, MT6853, MT6855, MT6877, MT6878, MT6879, MT6883, MT6885, MT6886, MT6889, MT6893, MT6895, MT6897, MT6899, MT6983, MT6985, MT6989, MT6991, MT8196, MT8676, MT8678, MT8792, MT8793
CWE ID-CWE-416
Use After Free
CVE-2025-20772
Assigner-MediaTek, Inc.
ShareView Details
Assigner-MediaTek, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.07% / 0.10%
||
7 Day CHG~0.00%
Published-02 Dec, 2025 | 02:34
Updated-26 Feb, 2026 | 16:57
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In display, there is a possible memory corruption due to use after free. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10182914; Issue ID: MSV-4795.

Action-Not Available
Vendor-MediaTek Inc.Google LLC
Product-mt6833mt6886mt6765androidmt6879mt6989mt6991mt6893mt6895mt6835mt6897mt6985mt6899mt8678mt8196mt6877mt6983mt8792mt8793mt6878mt6768mt6789mt6739mt8676mt6761mt6855mt2718mt6853mt6889mt6883mt6885mt6781MT6739, MT6761, MT6765, MT6768, MT6781, MT6789, MT6833, MT6835, MT6853, MT6855, MT6877, MT6878, MT6879, MT6883, MT6885, MT6886, MT6889, MT6893, MT6895, MT6897, MT6899, MT6983, MT6985, MT6989, MT6991, MT8186, MT8188, MT8196, MT8667, MT8673, MT8676, MT8678, MT8765, MT8766, MT8768, MT8771, MT8781, MT8791T, MT8792, MT8793, MT8795T, MT8796, MT8798, MT8873, MT8883
CWE ID-CWE-416
Use After Free
CVE-2025-20771
Assigner-MediaTek, Inc.
ShareView Details
Assigner-MediaTek, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.07% / 0.10%
||
7 Day CHG~0.00%
Published-02 Dec, 2025 | 02:34
Updated-26 Feb, 2026 | 16:57
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In display, there is a possible escalation of privilege due to improper input validation. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10196993; Issue ID: MSV-4802.

Action-Not Available
Vendor-MediaTek Inc.Google LLC
Product-mt6789mt8792mt6989mt8196mt6833mt6739mt6983mt8793mt6895mt6889mt8678mt6897mt6765mt6883mt6886mt6781mt6835mt6761mt6885mt6991mt6893mt2718mt6855mt6768mt6877mt8676mt6899mt6879mt6878androidmt6985mt6853MT2718, MT6739, MT6761, MT6765, MT6768, MT6781, MT6789, MT6833, MT6835, MT6853, MT6855, MT6877, MT6878, MT6879, MT6883, MT6885, MT6886, MT6889, MT6893, MT6895, MT6897, MT6899, MT6983, MT6985, MT6989, MT6991, MT8196, MT8676, MT8678, MT8792, MT8793
CWE ID-CWE-457
Use of Uninitialized Variable
CVE-2025-20770
Assigner-MediaTek, Inc.
ShareView Details
Assigner-MediaTek, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.07% / 0.10%
||
7 Day CHG~0.00%
Published-02 Dec, 2025 | 02:34
Updated-26 Feb, 2026 | 16:57
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In display, there is a possible memory corruption due to use after free. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10196993; Issue ID: MSV-4803.

Action-Not Available
Vendor-MediaTek Inc.Google LLC
Product-mt6789mt8792mt6989mt8196mt6833mt6739mt6983mt8793mt6895mt6889mt8678mt6897mt6765mt6883mt6886mt6781mt6835mt6761mt6885mt6991mt6893mt2718mt6855mt6768mt6877mt8676mt6899mt6879mt6878androidmt6985mt6853MT2718, MT6739, MT6761, MT6765, MT6768, MT6781, MT6789, MT6833, MT6835, MT6853, MT6855, MT6877, MT6878, MT6879, MT6883, MT6885, MT6886, MT6889, MT6893, MT6895, MT6897, MT6899, MT6983, MT6985, MT6989, MT6991, MT8196, MT8676, MT8678, MT8792, MT8793
CWE ID-CWE-416
Use After Free
CVE-2025-20769
Assigner-MediaTek, Inc.
ShareView Details
Assigner-MediaTek, Inc.
CVSS Score-3.4||LOW
EPSS-0.07% / 0.08%
||
7 Day CHG~0.00%
Published-02 Dec, 2025 | 02:34
Updated-26 Feb, 2026 | 16:57
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In display, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10196993; Issue ID: MSV-4804.

Action-Not Available
Vendor-MediaTek Inc.Google LLC
Product-mt6789mt8792mt6989mt8196mt6833mt6739mt6983mt8793mt6895mt6889mt8678mt6897mt6765mt6883mt6886mt6781mt6835mt6761mt6885mt6991mt6893mt2718mt6855mt6768mt6877mt8676mt6899mt6879mt6878androidmt6985mt6853MT2718, MT6739, MT6761, MT6765, MT6768, MT6781, MT6789, MT6833, MT6835, MT6853, MT6855, MT6877, MT6878, MT6879, MT6883, MT6885, MT6886, MT6889, MT6893, MT6895, MT6897, MT6899, MT6983, MT6985, MT6989, MT6991, MT8196, MT8676, MT8678, MT8792, MT8793
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2025-20768
Assigner-MediaTek, Inc.
ShareView Details
Assigner-MediaTek, Inc.
CVSS Score-7.8||HIGH
EPSS-0.08% / 0.16%
||
7 Day CHG~0.00%
Published-02 Dec, 2025 | 02:34
Updated-26 Feb, 2026 | 16:57
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In display, there is a possible out of bounds read due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10196993; Issue ID: MSV-4805.

Action-Not Available
Vendor-MediaTek Inc.Google LLC
Product-mt6883mt6789mt6886mt6989mt6781mt6835mt6761mt6885mt6991mt6833mt6893mt6739mt6983mt6855mt6895mt6768mt6877mt6899mt6879mt6878mt6853mt6889mt6985androidmt6897mt6765MT6739, MT6761, MT6765, MT6768, MT6781, MT6789, MT6833, MT6835, MT6853, MT6855, MT6877, MT6878, MT6879, MT6883, MT6885, MT6886, MT6889, MT6893, MT6895, MT6897, MT6899, MT6983, MT6985, MT6989, MT6991
CWE ID-CWE-125
Out-of-bounds Read
CVE-2025-20767
Assigner-MediaTek, Inc.
ShareView Details
Assigner-MediaTek, Inc.
CVSS Score-7.8||HIGH
EPSS-0.07% / 0.08%
||
7 Day CHG~0.00%
Published-02 Dec, 2025 | 02:34
Updated-26 Feb, 2026 | 16:57
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In display, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10196993; Issue ID: MSV-4807.

Action-Not Available
Vendor-MediaTek Inc.Google LLC
Product-mt6789mt8792mt6989mt8196mt6833mt6739mt6983mt8793mt6895mt6889mt8678mt6897mt6765mt6883mt6886mt6781mt6835mt6761mt6885mt6991mt6893mt2718mt6855mt6768mt6877mt8676mt6899mt6879mt6878androidmt6985mt6853MT2718, MT6739, MT6761, MT6765, MT6768, MT6781, MT6789, MT6833, MT6835, MT6853, MT6855, MT6877, MT6878, MT6879, MT6883, MT6885, MT6886, MT6889, MT6893, MT6895, MT6897, MT6899, MT6983, MT6985, MT6989, MT6991, MT8196, MT8676, MT8678, MT8792, MT8793
CWE ID-CWE-787
Out-of-bounds Write
CVE-2025-20766
Assigner-MediaTek, Inc.
ShareView Details
Assigner-MediaTek, Inc.
CVSS Score-7.8||HIGH
EPSS-0.07% / 0.08%
||
7 Day CHG~0.00%
Published-02 Dec, 2025 | 02:34
Updated-26 Feb, 2026 | 16:57
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In display, there is a possible memory corruption due to improper input validation. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10196993; Issue ID: MSV-4820.

Action-Not Available
Vendor-MediaTek Inc.Google LLC
Product-mt6789mt8792mt6989mt8196mt6833mt6739mt6983mt8793mt6895mt6889mt8678mt6897mt6765mt6883mt6886mt6781mt6835mt6761mt6885mt6991mt6893mt2718mt6855mt6768mt6877mt8676mt6899mt6879mt6878androidmt6985mt6853MT2718, MT6739, MT6761, MT6765, MT6768, MT6781, MT6789, MT6833, MT6835, MT6853, MT6855, MT6877, MT6878, MT6879, MT6883, MT6885, MT6886, MT6889, MT6893, MT6895, MT6897, MT6899, MT6983, MT6985, MT6989, MT6991, MT8196, MT8676, MT8678, MT8792, MT8793
CWE ID-CWE-457
Use of Uninitialized Variable
CVE-2025-20765
Assigner-MediaTek, Inc.
ShareView Details
Assigner-MediaTek, Inc.
CVSS Score-4.7||MEDIUM
EPSS-0.07% / 0.06%
||
7 Day CHG~0.00%
Published-02 Dec, 2025 | 02:34
Updated-13 Jan, 2026 | 14:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In aee daemon, there is a possible system crash due to a race condition. This could lead to local denial of service if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10190802; Issue ID: MSV-4833.

Action-Not Available
Vendor-The Linux FoundationGoogle LLCOpenWrtMediaTek Inc.
Product-mt6833mt6886mt6765yoctoandroidmt6879mt8168mt6989mt6991mt8115mt6893mt6895mt6835mt6897mt6985mt6899mt8139mt8512mt8518mt8678mt6877mt8532mt8183mt6983mt8698mt8516mt8695openwrtmt6890mt6878mt6768mt6789mt6739mt8676mt6761mt6855mt2737mt2718mt6853mt8519mt8169mt6889mt6990mt8186mt8188mt8696mt6883mt6980dmt6885mt6880mt8163mt8113mt6781MT2718, MT2737, MT6739, MT6761, MT6765, MT6768, MT6781, MT6789, MT6833, MT6835, MT6853, MT6855, MT6877, MT6878, MT6879, MT6880, MT6883, MT6885, MT6886, MT6889, MT6890, MT6893, MT6895, MT6897, MT6899, MT6980D, MT6983, MT6985, MT6989, MT6990, MT6991, MT8113, MT8115, MT8139, MT8163, MT8168, MT8169, MT8183, MT8186, MT8188, MT8512, MT8516, MT8518, MT8519, MT8532, MT8676, MT8678, MT8695, MT8696, MT8698
CWE ID-CWE-362
Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
CVE-2025-20764
Assigner-MediaTek, Inc.
ShareView Details
Assigner-MediaTek, Inc.
CVSS Score-7.8||HIGH
EPSS-0.07% / 0.08%
||
7 Day CHG~0.00%
Published-02 Dec, 2025 | 02:34
Updated-26 Feb, 2026 | 16:57
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In smi, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10259774; Issue ID: MSV-5029.

Action-Not Available
Vendor-MediaTek Inc.Google LLC
Product-mt6789mt8792mt6989mt8873mt8196mt6833mt6739mt6983mt8793mt6895mt8796mt6889mt8678mt6897mt6765mt6883mt6886mt6781mt6835mt6761mt6885mt6991mt6893mt8676mt6855mt6768mt6877mt6899mt6879mt6878mt8893androidmt6985mt6853MT6739, MT6761, MT6765, MT6768, MT6781, MT6789, MT6833, MT6835, MT6853, MT6855, MT6877, MT6878, MT6879, MT6883, MT6885, MT6886, MT6889, MT6893, MT6895, MT6897, MT6899, MT6983, MT6985, MT6989, MT6991, MT8196, MT8676, MT8678, MT8792, MT8793, MT8796, MT8873, MT8893
CWE ID-CWE-787
Out-of-bounds Write
CVE-2025-20743
Assigner-MediaTek, Inc.
ShareView Details
Assigner-MediaTek, Inc.
CVSS Score-4.2||MEDIUM
EPSS-0.08% / 0.17%
||
7 Day CHG~0.00%
Published-04 Nov, 2025 | 06:19
Updated-26 Feb, 2026 | 17:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In clkdbg, there is a possible escalation of privilege due to use after free. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10136671; Issue ID: MSV-4651.

Action-Not Available
Vendor-MediaTek Inc.Google LLC
Product-mt6877mt8798mt6765mt6983mt8365mt8678mt8195mt8696mt8793mt6897mt8698mt8519mt8169mt8321mt6989mt6781mt8516mt8695mt8781mt8186mt8390mt8391mt6899mt8788emt2718mt8183mt8168mt8676mt8797mt8883mt8786mt8873mt8766mt6853mt8163mt6761mt6991mt8775androidmt6893mt8188mt8196mt8755mt8893mt6768mt8796mt8792mt8385mt8768mt8771mt8512mt8113mt8791tmt6886MT2718, MT6761, MT6765, MT6768, MT6781, MT6853, MT6877, MT6886, MT6893, MT6897, MT6899, MT6983, MT6989, MT6991, MT8113, MT8163, MT8168, MT8169, MT8183, MT8186, MT8188, MT8195, MT8196, MT8321, MT8365, MT8385, MT8390, MT8391, MT8512, MT8516, MT8519, MT8676, MT8678, MT8695, MT8696, MT8698, MT8755, MT8766, MT8768, MT8771, MT8775, MT8781, MT8786, MT8788E, MT8791T, MT8792, MT8793, MT8796, MT8797, MT8798, MT8873, MT8883, MT8893
CWE ID-CWE-416
Use After Free
CVE-2025-20730
Assigner-MediaTek, Inc.
ShareView Details
Assigner-MediaTek, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.07% / 0.09%
||
7 Day CHG~0.00%
Published-04 Nov, 2025 | 06:19
Updated-26 Feb, 2026 | 17:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In preloader, there is a possible escalation of privilege due to an insecure default value. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10068463; Issue ID: MSV-4141.

Action-Not Available
Vendor-rdkcentralOpenWrtThe Linux FoundationMediaTek Inc.Google LLC
Product-mt6877mt6765mt6983mt6855mt8678mt2737mt8195mt8696mt6835mt6897yoctomt6895mt6989mt6781mt6985mt6899mt6789rdk-bmt6739mt6879mt6833mt8676mt6853mt6886mt6990mt6761mt6991mt6889mt6878androidmt6893mt8188openwrtmt6768mt6883mt6885MT2737, MT6739, MT6761, MT6765, MT6768, MT6781, MT6789, MT6833, MT6835, MT6853, MT6855, MT6877, MT6878, MT6879, MT6883, MT6885, MT6886, MT6889, MT6893, MT6895, MT6897, MT6899, MT6983, MT6985, MT6989, MT6990, MT6991, MT8188, MT8195, MT8676, MT8678, MT8696
CWE ID-CWE-287
Improper Authentication
CVE-2025-20725
Assigner-MediaTek, Inc.
ShareView Details
Assigner-MediaTek, Inc.
CVSS Score-7.5||HIGH
EPSS-0.50% / 39.17%
||
7 Day CHG~0.00%
Published-04 Nov, 2025 | 06:19
Updated-26 Feb, 2026 | 17:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In ims service, there is a possible out of bounds write due to a missing bounds check. This could lead to remote escalation of privilege, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01671924; Issue ID: MSV-4620.

Action-Not Available
Vendor-MediaTek Inc.
Product-mt8675mt6983mt6855mt2737mt8795tmt6895mt6875mt6980mt6877tnr15mt6769mt6895ttmt6875tmt6769tmt6833mt8765mt8786mt6877ttmt6880mt8766mt6853mt6990mt6873mt8791mt6893mt6989tmt8667mt6891mt6762mt6769kmt8893mt6985tmt6769zmt8788emt8771mt6767mt6886mt6983tmt6877mt8798mt6762mnr16mt6765mt6853tmt6989mt6985mt8788mt8673mt6762dmt6769smt6980dmt2735mt6739mt8766rmt6879mt8797mt6833pmt6855tmt6896mt6761mt6889mt8666lr12amt6768mt6771mt6765tmt8768mt6883mt6890mt6763mt8791tmt6885MT2735, MT2737, MT6739, MT6761, MT6762, MT6762D, MT6762M, MT6763, MT6765, MT6765T, MT6767, MT6768, MT6769, MT6769K, MT6769S, MT6769T, MT6769Z, MT6771, MT6833, MT6833P, MT6853, MT6853T, MT6855, MT6855T, MT6873, MT6875, MT6875T, MT6877, MT6877T, MT6877TT, MT6879, MT6880, MT6883, MT6885, MT6886, MT6889, MT6890, MT6891, MT6893, MT6895, MT6895TT, MT6896, MT6980, MT6980D, MT6983, MT6983T, MT6985, MT6985T, MT6989, MT6989T, MT6990, MT8666, MT8667, MT8673, MT8675, MT8765, MT8766, MT8766R, MT8768, MT8771, MT8786, MT8788, MT8788E, MT8791, MT8791T, MT8795T, MT8797, MT8798, MT8893
CWE ID-CWE-787
Out-of-bounds Write
CVE-2025-20726
Assigner-MediaTek, Inc.
ShareView Details
Assigner-MediaTek, Inc.
CVSS Score-7.5||HIGH
EPSS-0.47% / 37.53%
||
7 Day CHG~0.00%
Published-04 Nov, 2025 | 06:19
Updated-26 Feb, 2026 | 17:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Modem, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote escalation of privilege, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01672598; Issue ID: MSV-4622.

Action-Not Available
Vendor-MediaTek Inc.
Product-mt8675mt8678mt6855mt6983mt2737mt8795tmt8793mt6835mt6895mt6875mt6980mt6877tmt6769nr15mt6895ttmt6899mt6813mt6875tmt6769tmt6833mt8676mt8765mt8883mt8786mt6877ttmt6880mt8766mt6853mt6990mt6991mt6873mt8791mt6878mt6893mt6835tmt6989tmt8667mt6891mt6762mt6769kmt8893mt6985tmt6769zmt8792mt8771mt8788emt6767mt6886mt6983tmt6877mt8798mt6765nr16mt6762mmt6878mmt6853tmt6897mt6989mt6985mt8788mt8673mt6762dmt6769smt6980dmt8766rmt2735mt6739mt6879mt8797mt6833pmt8873mt6855tmt6896mt6761mt6889mt8666mt8863lr12anr17rmt6768nr17mt6771mt6765tmt8768mt6883mt6890mt6763mt8791tmt6885MT2735, MT2737, MT6739, MT6761, MT6762, MT6762D, MT6762M, MT6763, MT6765, MT6765T, MT6767, MT6768, MT6769, MT6769K, MT6769S, MT6769T, MT6769Z, MT6771, MT6813, MT6833, MT6833P, MT6835, MT6835T, MT6853, MT6853T, MT6855, MT6855T, MT6873, MT6875, MT6875T, MT6877, MT6877T, MT6877TT, MT6878, MT6878M, MT6879, MT6880, MT6883, MT6885, MT6886, MT6889, MT6890, MT6891, MT6893, MT6895, MT6895TT, MT6896, MT6897, MT6899, MT6980, MT6980D, MT6983, MT6983T, MT6985, MT6985T, MT6989, MT6989T, MT6990, MT6991, MT8666, MT8667, MT8673, MT8675, MT8676, MT8678, MT8765, MT8766, MT8766R, MT8768, MT8771, MT8786, MT8788, MT8788E, MT8791, MT8791T, MT8792, MT8793, MT8795T, MT8797, MT8798, MT8863, MT8873, MT8883, MT8893
CWE ID-CWE-122
Heap-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2025-20727
Assigner-MediaTek, Inc.
ShareView Details
Assigner-MediaTek, Inc.
CVSS Score-8.1||HIGH
EPSS-0.51% / 40.32%
||
7 Day CHG~0.00%
Published-04 Nov, 2025 | 06:19
Updated-26 Feb, 2026 | 17:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Modem, there is a possible out of bounds write due to a heap buffer overflow. This could lead to remote escalation of privilege, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01672601; Issue ID: MSV-4623.

Action-Not Available
Vendor-MediaTek Inc.
Product-mt6889mt6765mt6899mt8678mt6769mt6877tmt8883mt6835tmt8788mt8791tmt6833pmt6769zmt8795tmt8786mt6835mt8788emt6855mt6990mt6883mt6765tmt8798mt8765mt2735mt8893mt6769kmt8793mt6877mt6762dmt6833mt6878mmt6896mt6989nr15mt8675mt6989tmt8797mt6853lr12amt6980dmt6768mt6767mt6890mt6873mt6761mt6885nr17mt8673mt8676mt6763mt6895mt6875mt6983tmt6880mt8863mt6897mt6853tmt6769tmt6769smt8873mt6762mmt6983mt8766rnr16mt8768mt8766mt6771mt8791mt8667mt2737mt6980mt6985tmt6893mt6891mt6762mt8771nr17rmt6991mt6813mt6878mt8666mt6877ttmt6985mt6739mt6855tmt6886mt6879mt6895ttmt6875tmt8792MT2735, MT2737, MT6739, MT6761, MT6762, MT6762D, MT6762M, MT6763, MT6765, MT6765T, MT6767, MT6768, MT6769, MT6769K, MT6769S, MT6769T, MT6769Z, MT6771, MT6813, MT6833, MT6833P, MT6835, MT6835T, MT6853, MT6853T, MT6855, MT6855T, MT6873, MT6875, MT6875T, MT6877, MT6877T, MT6877TT, MT6878, MT6878M, MT6879, MT6880, MT6883, MT6885, MT6886, MT6889, MT6890, MT6891, MT6893, MT6895, MT6895TT, MT6896, MT6897, MT6899, MT6980, MT6980D, MT6983, MT6983T, MT6985, MT6985T, MT6989, MT6989T, MT6990, MT6991, MT8666, MT8667, MT8673, MT8675, MT8676, MT8678, MT8765, MT8766, MT8766R, MT8768, MT8771, MT8786, MT8788, MT8788E, MT8791, MT8791T, MT8792, MT8793, MT8795T, MT8797, MT8798, MT8863, MT8873, MT8883, MT8893
CWE ID-CWE-787
Out-of-bounds Write
CVE-2025-20705
Assigner-MediaTek, Inc.
ShareView Details
Assigner-MediaTek, Inc.
CVSS Score-7.8||HIGH
EPSS-0.09% / 0.52%
||
7 Day CHG~0.00%
Published-01 Sep, 2025 | 05:12
Updated-26 Feb, 2026 | 17:49
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In monitor_hang, there is a possible memory corruption due to use after free. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS09989078; Issue ID: MSV-3964.

Action-Not Available
Vendor-OpenWrtThe Linux FoundationMediaTek Inc.Google LLC
Product-mt6990mt6883mt6879mt8696mt6765mt6781mt8169mt6985mt8676mt6886mt6983mt8678mt6880mt8186mt8796mt6877mt6895mt6893mt6980dmt2735androidyoctomt6768mt6885mt6889openwrtmt6761mt6897mt8792mt6991mt8188mt6855mt2718mt6890mt6835mt8775mt6878mt6789mt6853mt6739mt6989mt6899MT2718, MT2735, MT6739, MT6761, MT6765, MT6768, MT6781, MT6789, MT6835, MT6853, MT6855, MT6877, MT6878, MT6879, MT6880, MT6883, MT6885, MT6886, MT6889, MT6890, MT6893, MT6895, MT6897, MT6899, MT6980D, MT6983, MT6985, MT6989, MT6990, MT6991, MT8169, MT8186, MT8188, MT8676, MT8678, MT8696, MT8775, MT8792, MT8796
CWE ID-CWE-416
Use After Free
CVE-2025-20698
Assigner-MediaTek, Inc.
ShareView Details
Assigner-MediaTek, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.09% / 0.61%
||
7 Day CHG~0.00%
Published-04 Aug, 2025 | 01:49
Updated-26 Feb, 2026 | 17:50
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Power HAL, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS09915400; Issue ID: MSV-3793.

Action-Not Available
Vendor-MediaTek Inc.Google LLC
Product-mt6983mt6835mt8676mt8775mt6897mt6899mt6765mt6877mt6895mt6739mt8873mt8796mt6761mt6989androidmt6991mt8893mt8391mt6885mt6879mt6893mt6781mt6853mt8186mt6889mt8678mt6886mt6985mt8883mt6833mt6883mt6878mt8786mt8792mt6855mt8788emt6768mt2718mt8196mt6789MT2718, MT6739, MT6761, MT6765, MT6768, MT6781, MT6789, MT6833, MT6835, MT6853, MT6855, MT6877, MT6878, MT6879, MT6883, MT6885, MT6886, MT6889, MT6893, MT6895, MT6897, MT6899, MT6983, MT6985, MT6989, MT6991, MT8186, MT8196, MT8391, MT8676, MT8678, MT8775, MT8786, MT8788E, MT8792, MT8796, MT8873, MT8883, MT8893
CWE ID-CWE-787
Out-of-bounds Write
CVE-2025-20697
Assigner-MediaTek, Inc.
ShareView Details
Assigner-MediaTek, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.09% / 0.61%
||
7 Day CHG~0.00%
Published-04 Aug, 2025 | 01:49
Updated-26 Feb, 2026 | 17:50
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Power HAL, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS09915681; Issue ID: MSV-3795.

Action-Not Available
Vendor-MediaTek Inc.Google LLC
Product-mt8775mt6897mt6765mt6877mt8678mt8883mt8873mt8796mt6989mt6761mt6991androidmt6883mt8391mt6878mt6885mt8786mt6879mt6893mt8792mt6855mt8788emt6768mt2718mt8196mt6853mt8186mt6889mt8893MT2718, MT6761, MT6765, MT6768, MT6853, MT6855, MT6877, MT6878, MT6879, MT6883, MT6885, MT6889, MT6893, MT6897, MT6989, MT6991, MT8186, MT8196, MT8391, MT8678, MT8775, MT8786, MT8788E, MT8792, MT8796, MT8873, MT8883, MT8893
CWE ID-CWE-787
Out-of-bounds Write
  • Previous
  • 1
  • 2
  • 3
  • ...
  • 9
  • 10
  • Next