Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools

mt6835

Source -

ADPNVD

CNA CVEs -

0

ADP CVEs -

46

CISA CVEs -

0

NVD CVEs -

248
Related CVEsRelated VendorsRelated AssignersReports
248Vulnerabilities found

CVE-2026-20454
Assigner-MediaTek, Inc.
ShareView Details
Assigner-MediaTek, Inc.
CVSS Score-6.4||MEDIUM
EPSS-0.08% / 0.17%
||
7 Day CHG~0.00%
Published-01 Jun, 2026 | 03:20
Updated-02 Jun, 2026 | 03:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In geniezone, there is a possible out of bounds write due to a race condition. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10873936; Issue ID: MSV-6786.

Action-Not Available
Vendor-MediaTek Inc.
Product-mt6889_firmwaremt8765_firmwaremt6985mt6991_firmwaremt6739mt8673_firmwaremt8788mt8788_firmwaremt6886mt6761mt8798_firmwaremt6855_firmwaremt6885mt6781_firmwaremt6768mt6878mt8673mt6835_firmwaremt6893_firmwaremt6853_firmwaremt6983_firmwaremt8766_firmwaremt6885_firmwaremt6878_firmwaremt6983mt6897mt6883_firmwaremt6883mt6877mt6991mt6895mt6781mt8781mt6897_firmwaremt6989mt6765_firmwaremt8791tmt6789mt6879_firmwaremt6889mt8765mt6765mt8768_firmwaremt6768_firmwaremt6886_firmwaremt8781_firmwaremt6893mt6985_firmwaremt8768mt6899_firmwaremt6739_firmwaremt8798mt6761_firmwaremt8766mt8910_firmwaremt8786_firmwaremt8786mt8793mt6855mt6989_firmwaremt6853mt6877_firmwaremt8793_firmwaremt6835mt6789_firmwaremt8797_firmwaremt8797mt6895_firmwaremt8910mt6879mt6899mt8791t_firmwareMediaTek chipset
CWE ID-CWE-367
Time-of-check Time-of-use (TOCTOU) Race Condition
CVE-2026-20453
Assigner-MediaTek, Inc.
ShareView Details
Assigner-MediaTek, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.11% / 1.75%
||
7 Day CHG~0.00%
Published-01 Jun, 2026 | 03:20
Updated-02 Jun, 2026 | 03:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In geniezone, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10886526; Issue ID: MSV-6791.

Action-Not Available
Vendor-MediaTek Inc.
Product-mt6889_firmwaremt8765_firmwaremt6985mt6991_firmwaremt6739mt8673_firmwaremt8788mt8788_firmwaremt6886mt6761mt8798_firmwaremt6855_firmwaremt6885mt6781_firmwaremt6768mt6878mt8673mt6835_firmwaremt6893_firmwaremt6853_firmwaremt6983_firmwaremt8766_firmwaremt6885_firmwaremt6878_firmwaremt6983mt6897mt6883_firmwaremt6883mt6877mt6991mt6895mt6781mt8781mt6897_firmwaremt6989mt6765_firmwaremt8791tmt6789mt6879_firmwaremt6889mt8765mt6765mt8768_firmwaremt6768_firmwaremt6886_firmwaremt8781_firmwaremt6893mt6985_firmwaremt8768mt6899_firmwaremt6739_firmwaremt8798mt6761_firmwaremt8766mt8910_firmwaremt8786_firmwaremt8786mt8793mt6855mt6989_firmwaremt6853mt6877_firmwaremt8793_firmwaremt6835mt6789_firmwaremt8797_firmwaremt8797mt6895_firmwaremt8910mt6879mt6899mt8791t_firmwareMediaTek chipset
CWE ID-CWE-787
Out-of-bounds Write
CVE-2026-20450
Assigner-MediaTek, Inc.
ShareView Details
Assigner-MediaTek, Inc.
CVSS Score-6.5||MEDIUM
EPSS-0.29% / 21.04%
||
7 Day CHG~0.00%
Published-04 May, 2026 | 05:41
Updated-07 May, 2026 | 12:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Modem, there is a possible system crash due to incorrect error handling. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01753620; Issue ID: MSV-6100.

Action-Not Available
Vendor-MediaTek Inc.
Product-mt8668mt8771_firmwaremt6991_firmwaremt2737_firmwaremt6989_firmwaremt8791mt8798_firmwaremt8795t_firmwaremt6875_firmwaremt6891_firmwaremt6883mt6858mt6990_firmwaremt8798mt6853_firmwaremt8893_firmwaremt8771mt6833_firmwaremt6890_firmwaremt8793_firmwaremt6899mt6986_firmwaremt6879mt8755mt6983mt8775mt6890mt8863_firmwaremt6895_firmwaremt6833mt2735mt8668_firmwaremt6855mt2735_firmwaremt8675mt6877_firmwaremt6853mt6895mt6893mt6893_firmwaremt8792mt6885mt8793mt8883mt6877mt6879_firmwaremt8791t_firmwaremt6986mt6886mt8883_firmwaremt6875mt6897mt6891mt6990mt8755_firmwaremt8873_firmwaremt6896mt6980_firmwaremt8676mt6889_firmwaremt6883_firmwaremt6985_firmwaremt8676_firmwaremt6858_firmwaremt8775_firmwaremt8675_firmwaremt8863mt6873_firmwaremt8795tmt8673_firmwaremt6880_firmwaremt6873mt8673mt6878mt8792_firmwaremt6855_firmwaremt8893mt6899_firmwaremt6991mt8873mt6878_firmwaremt6897_firmwaremt8797_firmwaremt8678_firmwaremt6880mt6985mt6989mt6835mt6993_firmwaremt6885_firmwaremt6835_firmwaremt6886_firmwaremt6980mt6896_firmwaremt6889mt8791_firmwaremt2737mt6993mt8678mt8791tmt6983_firmwaremt8797MediaTek chipset
CWE ID-CWE-617
Reachable Assertion
CVE-2026-20449
Assigner-MediaTek, Inc.
ShareView Details
Assigner-MediaTek, Inc.
CVSS Score-6.5||MEDIUM
EPSS-0.22% / 13.02%
||
7 Day CHG~0.00%
Published-04 May, 2026 | 05:41
Updated-07 May, 2026 | 12:43
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Modem, there is a possible system crash due to a heap buffer overflow. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01760138; Issue ID: MSV-6148.

Action-Not Available
Vendor-MediaTek Inc.
Product-mt8668mt6779mt6991_firmwaremt2737_firmwaremt8791mt8798_firmwaremt6875_firmwaremt6771mt6990_firmwaremt6768_firmwaremt8771mt6815_firmwaremt8755mt6765mt6890mt8863_firmwaremt6986dmt6895_firmwaremt6833mt2735mt8668_firmwaremt8675mt6877_firmwaremt6767mt6988_firmwaremt6893mt6885mt8793mt8883mt6877mt8791t_firmwaremt6815mt6886mt8883_firmwaremt6875mt6897mt6990mt8873_firmwaremt6896mt6889_firmwaremt6767_firmwaremt6858_firmwaremt8775_firmwaremt6781mt6813mt8863mt6813_firmwaremt6769mt6873_firmwaremt8673_firmwaremt6880_firmwaremt8792_firmwaremt6855_firmwaremt6789_firmwaremt6899_firmwaremt6991mt6897_firmwaremt6880mt6739_firmwaremt6985mt6785_firmwaremt6783_firmwaremt6835mt6761mt6889mt8791_firmwaremt2737mt8797mt8771_firmwaremt6989_firmwaremt6761_firmwaremt6789mt8795t_firmwaremt6891_firmwaremt6883mt6858mt8798mt6853_firmwaremt8893_firmwaremt6833_firmwaremt6769_firmwaremt6890_firmwaremt8793_firmwaremt6899mt6988mt6879mt6983mt8775mt6855mt2735_firmwaremt6853mt6895mt6893_firmwaremt8792mt6879_firmwaremt6986d_firmwaremt6891mt6783mt8755_firmwaremt6765_firmwaremt6763mt6980_firmwaremt8676mt6768mt6883_firmwaremt6985_firmwaremt6762_firmwaremt8676_firmwaremt8675_firmwaremt6781_firmwaremt8795tmt6873mt8673mt6739mt6878mt6771_firmwaremt8893mt6763_firmwaremt6878_firmwaremt8797_firmwaremt8873mt8678_firmwaremt6762mt6989mt6993_firmwaremt6885_firmwaremt6835_firmwaremt6980mt6886_firmwaremt6896_firmwaremt6993mt8678mt8791tmt6785mt6779_firmwaremt6983_firmwareMediaTek chipset
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2026-20433
Assigner-MediaTek, Inc.
ShareView Details
Assigner-MediaTek, Inc.
CVSS Score-8.8||HIGH
EPSS-0.34% / 26.38%
||
7 Day CHG~0.00%
Published-07 Apr, 2026 | 03:25
Updated-10 Apr, 2026 | 19:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Modem, there is a possible out of bounds write due to a missing bounds check. This could lead to remote escalation of privilege, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: MOLY01088681; Issue ID: MSV-4460.

Action-Not Available
Vendor-MediaTek Inc.
Product-mt6885_firmwaremt6983mt2737_firmwaremt8675mt6890_firmwaremt6877ttmt6980d_firmwaremt6891_firmwaremt6833p_firmwaremt6833_firmwaremt8676mt8792_firmwaremt6878_firmwaremt6899_firmwaremt6893_firmwaremt6895_firmwaremt6873_firmwaremt6878m_firmwaremt6985_firmwaremt8893_firmwaremt8771mt6833mt6890mt8791mt6880_firmwaremt8673_firmwaremt6896_firmwaremt6990mt6833pmt6878mmt6886_firmwaremt6885mt8863_firmwaremt6983t_firmwaremt6835_firmwaremt8793_firmwaremt6991mt6835t_firmwaremt6877_firmwaremt8771_firmwaremt6853_firmwaremt8668_firmwaremt6893mt8893mt6853t_firmwaremt8797_firmwaremt8676_firmwaremt6879_firmwaremt8883_firmwaremt8791t_firmwaremt6853mt8792mt8873_firmwaremt2735mt8678mt8863mt6897_firmwaremt6855t_firmwaremt6980dmt6985mt8795t_firmwaremt6877mt8755_firmwaremt6879mt8673mt6895mt6991_firmwaremt8775mt6891mt8791tmt8791_firmwaremt6983tmt6896mt6889_firmwaremt6853tmt6897mt8798mt6877tt_firmwaremt6875t_firmwaremt6983_firmwaremt6889mt8795tmt6980mt6985t_firmwaremt6835mt6985tmt6875mt6989t_firmwaremt8775_firmwaremt6813mt6886mt8798_firmwaremt6877t_firmwaremt6878mt6873mt8793mt6877tmt6875tmt6989mt2737mt6883_firmwaremt6883mt6899mt6835tmt6990_firmwaremt6875_firmwaremt8883mt6980_firmwaremt8873mt8668mt6880mt6813_firmwaremt8678_firmwaremt6855_firmwaremt8675_firmwaremt2735_firmwaremt6895tt_firmwaremt8797mt6855tmt8755mt6855mt6989_firmwaremt6895ttmt6989tMediaTek chipset
CWE ID-CWE-787
Out-of-bounds Write
CVE-2026-20432
Assigner-MediaTek, Inc.
ShareView Details
Assigner-MediaTek, Inc.
CVSS Score-8||HIGH
EPSS-0.29% / 21.34%
||
7 Day CHG~0.00%
Published-07 Apr, 2026 | 03:25
Updated-10 Apr, 2026 | 19:57
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Modem, there is a possible out of bounds write due to a missing bounds check. This could lead to remote escalation of privilege, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: MOLY01406170; Issue ID: MSV-4461.

Action-Not Available
Vendor-MediaTek Inc.
Product-mt6885_firmwaremt6983mt2737_firmwaremt8675mt6890_firmwaremt8781_firmwaremt6785_firmwaremt6833_firmwaremt6891_firmwaremt8676mt8792_firmwaremt6878_firmwaremt6899_firmwaremt6893_firmwaremt6895_firmwaremt6873_firmwaremt6789mt8893_firmwaremt6985_firmwaremt8771mt6833mt6815mt6890mt8791mt6880_firmwaremt6779_firmwaremt8673_firmwaremt6896_firmwaremt6990mt6886_firmwaremt6885mt8863_firmwaremt8793_firmwaremt6835_firmwaremt6991mt8771_firmwaremt6877_firmwaremt6853_firmwaremt8668_firmwaremt6993mt6781_firmwaremt8893mt6893mt6879_firmwaremt8797_firmwaremt8676_firmwaremt8883_firmwaremt8789mt8791t_firmwaremt8792mt8873_firmwaremt6853mt2735mt6993_firmwaremt8678mt8863mt6897_firmwaremt6781mt6985mt8795t_firmwaremt6877mt8755_firmwaremt6879mt6789_firmwaremt8673mt6895mt6991_firmwaremt6785mt8775mt6891mt8791tmt8791_firmwaremt8798mt6896mt6889_firmwaremt6897mt8781mt6983_firmwaremt6889mt8795tmt6980mt6835mt6875mt8775_firmwaremt6813mt6886mt8798_firmwaremt6873mt6878mt8793mt6783mt8789_firmwaremt6989mt2737mt6779mt6883_firmwaremt6883mt6899mt6990_firmwaremt6875_firmwaremt8883mt8873mt6980_firmwaremt8668mt6880mt6815_firmwaremt6813_firmwaremt8678_firmwaremt6855_firmwaremt8675_firmwaremt2735_firmwaremt8797mt8755mt6855mt6783_firmwaremt6989_firmwareMediaTek chipset
CWE ID-CWE-787
Out-of-bounds Write
CVE-2026-20431
Assigner-MediaTek, Inc.
ShareView Details
Assigner-MediaTek, Inc.
CVSS Score-6.5||MEDIUM
EPSS-0.31% / 22.91%
||
7 Day CHG~0.00%
Published-07 Apr, 2026 | 03:25
Updated-10 Apr, 2026 | 19:58
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Modem, there is a possible system crash due to a logic error. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01106496; Issue ID: MSV-4467.

Action-Not Available
Vendor-MediaTek Inc.
Product-mt6991_firmwaremt8775mt8676mt8792_firmwaremt6878_firmwaremt6899_firmwaremt6897mt6815mt6835mt8775_firmwaremt6813mt6878mt8793mt8863_firmwaremt6835_firmwaremt6991mt8793_firmwaremt8668_firmwaremt6993mt6899mt8883_firmwaremt8883mt8676_firmwaremt8873_firmwaremt8792mt8873mt8668mt6815_firmwaremt6813_firmwaremt6993_firmwaremt6897_firmwaremt8678_firmwaremt8678mt6986mt8863mt6986_firmwaremt8755mt8755_firmwareMediaTek chipset
CWE ID-CWE-770
Allocation of Resources Without Limits or Throttling
CVE-2026-20445
Assigner-MediaTek, Inc.
ShareView Details
Assigner-MediaTek, Inc.
CVSS Score-4.4||MEDIUM
EPSS-0.12% / 2.38%
||
7 Day CHG~0.00%
Published-02 Mar, 2026 | 08:39
Updated-30 Mar, 2026 | 13:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In MDDP, there is a possible system crash due to a race condition. This could lead to local denial of service if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10289875; Issue ID: MSV-5184.

Action-Not Available
Vendor-Google LLCMediaTek Inc.
Product-mt6993mt6893mt8771mt6878mt6897mt6879androidmt8797mt6855mt6885mt6889mt8678mt6895mt6886mt6983mt6899mt8755mt8798mt6883mt6985mt6989mt8188mt6835mt6991MediaTek chipset
CWE ID-CWE-367
Time-of-check Time-of-use (TOCTOU) Race Condition
CVE-2026-20429
Assigner-MediaTek, Inc.
ShareView Details
Assigner-MediaTek, Inc.
CVSS Score-4.4||MEDIUM
EPSS-0.07% / 0.09%
||
7 Day CHG~0.00%
Published-02 Mar, 2026 | 08:39
Updated-30 Mar, 2026 | 13:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In display, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10320471; Issue ID: MSV-5535.

Action-Not Available
Vendor-Google LLCMediaTek Inc.
Product-mt6739mt6893mt8793mt6993mt6878mt6853mt6897mt6879androidmt6855mt6885mt6889mt6765mt8678mt6895mt6761mt6768mt6789mt6781mt6886mt6983mt6899mt6883mt6877mt6985mt8196mt6833mt6989mt6835mt6991MediaTek chipset
CWE ID-CWE-125
Out-of-bounds Read
CVE-2026-20444
Assigner-MediaTek, Inc.
ShareView Details
Assigner-MediaTek, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.08% / 0.15%
||
7 Day CHG~0.00%
Published-02 Mar, 2026 | 08:39
Updated-30 Mar, 2026 | 13:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In display, there is a possible memory corruption due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10436995; Issue ID: MSV-5721.

Action-Not Available
Vendor-Google LLCMediaTek Inc.
Product-mt6739mt6893mt6878mt6853mt8186mt6897mt6879androidmt8673mt6855mt6889mt6765mt8795tmt6761mt6768mt8883mt6789mt6886mt6983mt8768mt8766mt6899mt6877mt8798mt6985mt6833mt8667mt6835mt6781mt6991mt8793mt8771mt8796mt8873mt6885mt8678mt6895mt8676mt8765mt8781mt6883mt8196mt8791tmt6989mt8188mt6993mt8792MediaTek chipset
CWE ID-CWE-787
Out-of-bounds Write
CVE-2026-20443
Assigner-MediaTek, Inc.
ShareView Details
Assigner-MediaTek, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.08% / 0.15%
||
7 Day CHG~0.00%
Published-02 Mar, 2026 | 08:39
Updated-30 Mar, 2026 | 13:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In display, there is a possible memory corruption due to use after free. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10436998; Issue ID: MSV-5722.

Action-Not Available
Vendor-Google LLCMediaTek Inc.
Product-mt6739mt6893mt6878mt6853mt8186mt6897mt6879androidmt8673mt6855mt6889mt6765mt8795tmt6761mt6768mt8883mt6789mt6886mt6983mt8768mt8766mt6899mt6877mt8798mt6985mt6833mt8667mt6835mt6781mt6991mt8793mt8771mt8796mt8873mt6885mt8678mt6895mt8676mt8765mt8781mt6883mt8196mt8791tmt6989mt8188mt6993mt8792MediaTek chipset
CWE ID-CWE-416
Use After Free
CVE-2026-20442
Assigner-MediaTek, Inc.
ShareView Details
Assigner-MediaTek, Inc.
CVSS Score-4.4||MEDIUM
EPSS-0.07% / 0.05%
||
7 Day CHG~0.00%
Published-02 Mar, 2026 | 08:39
Updated-30 Mar, 2026 | 13:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In display, there is a possible system crash due to use after free. This could lead to local denial of service if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10436998; Issue ID: MSV-5723.

Action-Not Available
Vendor-Google LLCMediaTek Inc.
Product-mt6739mt6893mt6878mt6853mt8186mt6897mt6879androidmt8673mt6855mt6889mt6765mt8795tmt6761mt6768mt8883mt6789mt6886mt6983mt8768mt8766mt6899mt6877mt8798mt6985mt6833mt8667mt6835mt6781mt6991mt8793mt8771mt8796mt8873mt6885mt8678mt6895mt8676mt8765mt8781mt6883mt8196mt8791tmt6989mt8188mt6993mt8792MediaTek chipset
CWE ID-CWE-416
Use After Free
CVE-2026-20434
Assigner-MediaTek, Inc.
ShareView Details
Assigner-MediaTek, Inc.
CVSS Score-7.5||HIGH
EPSS-0.22% / 12.32%
||
7 Day CHG~0.00%
Published-02 Mar, 2026 | 08:39
Updated-30 Mar, 2026 | 13:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Modem, there is a possible out of bounds write due to a missing bounds check. This could lead to remote escalation of privilege, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: MOLY00782946; Issue ID: MSV-4135.

Action-Not Available
Vendor-MediaTek Inc.
Product-mt6739mt6893mt6980mt6878mt6853mt6897mt8668mt6879mt8673mt6855mt8766rmt6769smt6762mt6761mt6768mt6765tmt8666mt8768mt8766mt8755mt8798mt6985mt6769zmt6781mt6783mt8793mt8771mt6833plr12anr17mt6855tmt8797mt6767mt6885mt6771mt8678mt6877ttmt8676mt6990mt8765mt6896mt6883mt6785mt8791tmt6779mt6763mt8791mt2735mt6853tmt6762mmt6785umt6835tmt6875mt8863mt6889mt8789mt6765mt6878mmt8795tmt6891mt8883mt6985tmt6789mt6877tmt6886mt6983mt6899mt6877mt6769mt6769tmt6833mt8667mt6835mt2737mt6991mt6989tmt8873mt8675mt8893mt6873mt6785tmt6983tmt6895ttmt6895lr13mt6890mt8781mt6875tmt8786mt6762dmt6980dmt6769knr15mt6989mt6880mt8788mt8788enr16mt8792MediaTek chipset
CWE ID-CWE-787
Out-of-bounds Write
CVE-2026-20428
Assigner-MediaTek, Inc.
ShareView Details
Assigner-MediaTek, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.08% / 0.15%
||
7 Day CHG~0.00%
Published-02 Mar, 2026 | 08:39
Updated-30 Mar, 2026 | 13:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In display, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10320471; Issue ID: MSV-5536.

Action-Not Available
Vendor-Google LLCMediaTek Inc.
Product-mt6739mt6893mt8793mt6993mt6878mt6853mt6897mt6879androidmt6855mt6885mt6889mt6765mt8678mt6895mt6761mt6768mt6789mt6781mt6886mt6983mt6899mt6883mt6877mt6985mt8196mt6833mt6989mt6835mt6991MediaTek chipset
CWE ID-CWE-787
Out-of-bounds Write
CVE-2026-20427
Assigner-MediaTek, Inc.
ShareView Details
Assigner-MediaTek, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.08% / 0.15%
||
7 Day CHG~0.00%
Published-02 Mar, 2026 | 08:39
Updated-30 Mar, 2026 | 13:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In display, there is a possible escalation of privilege due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10320471; Issue ID: MSV-5537.

Action-Not Available
Vendor-Google LLCMediaTek Inc.
Product-mt6739mt6893mt8793mt6993mt6878mt6853mt6897mt6879androidmt6855mt6885mt6889mt6765mt8678mt6895mt6761mt6768mt6789mt6781mt6886mt6983mt6899mt6883mt6877mt6985mt8196mt6833mt6989mt6835mt6991MediaTek chipset
CWE ID-CWE-787
Out-of-bounds Write
CVE-2026-20426
Assigner-MediaTek, Inc.
ShareView Details
Assigner-MediaTek, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.08% / 0.15%
||
7 Day CHG~0.00%
Published-02 Mar, 2026 | 08:39
Updated-30 Mar, 2026 | 13:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In display, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10320471; Issue ID: MSV-5538.

Action-Not Available
Vendor-Google LLCMediaTek Inc.
Product-mt6739mt6893mt8793mt6993mt6878mt6853mt6897mt6879androidmt6855mt6885mt6889mt6765mt8678mt6895mt6761mt6768mt6789mt6781mt6886mt6983mt6899mt6883mt6877mt6985mt8196mt6833mt6989mt6835mt6991MediaTek chipset
CWE ID-CWE-787
Out-of-bounds Write
CVE-2026-20425
Assigner-MediaTek, Inc.
ShareView Details
Assigner-MediaTek, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.08% / 0.15%
||
7 Day CHG~0.00%
Published-02 Mar, 2026 | 08:38
Updated-30 Mar, 2026 | 13:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In display, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10320471; Issue ID: MSV-5539.

Action-Not Available
Vendor-Google LLCMediaTek Inc.
Product-mt6739mt6893mt8793mt6993mt6878mt6853mt6897mt6879androidmt6855mt6885mt6889mt6765mt8678mt6895mt6761mt6768mt6789mt6781mt6886mt6983mt6899mt6883mt6877mt6985mt8196mt6833mt6989mt6835mt6991MediaTek chipset
CWE ID-CWE-787
Out-of-bounds Write
CVE-2026-20406
Assigner-MediaTek, Inc.
ShareView Details
Assigner-MediaTek, Inc.
CVSS Score-6.5||MEDIUM
EPSS-0.21% / 11.61%
||
7 Day CHG~0.00%
Published-02 Feb, 2026 | 08:14
Updated-30 Mar, 2026 | 13:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Modem, there is a possible system crash due to an uncaught exception. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01726634; Issue ID: MSV-5728.

Action-Not Available
Vendor-MediaTek Inc.
Product-mt8673mt8893mt8755nr16mt6879mt6989mt8791tmt6813mt6883nr17mt6897mt6986mt8793mt6855mt6985mt2735mt8873mt6890mt6893mt8668mt8863mt6980nr17rmt6853mt6889mt8795tmt8798mt8791mt6990mt8678mt6833mt6873mt6878mt6880mt8797nr15mt6895mt6896mt8771mt8792mt6858mt6983mt6877mt6886mt6891mt6993mt6899mt8675mt6875mt8676mt6815mt6885mt6991mt8883mt2737mt6835MediaTek chipset
CWE ID-CWE-770
Allocation of Resources Without Limits or Throttling
CWE ID-CWE-754
Improper Check for Unusual or Exceptional Conditions
CVE-2026-20405
Assigner-MediaTek, Inc.
ShareView Details
Assigner-MediaTek, Inc.
CVSS Score-6.5||MEDIUM
EPSS-0.22% / 11.96%
||
7 Day CHG~0.00%
Published-02 Feb, 2026 | 08:14
Updated-30 Mar, 2026 | 13:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Modem, there is a possible system crash due to a missing bounds check. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01688495; Issue ID: MSV-4818.

Action-Not Available
Vendor-MediaTek Inc.
Product-mt8673mt8893mt8755nr16mt6879mt6989mt8791tmt6813mt6883nr17mt6897mt6986mt8793mt6855mt6985mt2735mt8873mt6890mt6893mt8668mt8863mt6980nr17rmt6853mt6889mt8795tmt8798mt8791mt6990mt8678mt6833mt6873mt6878mt6880mt8797nr15mt6895mt6896mt8771mt8792mt6858mt6983mt6877mt6886mt6891mt6993mt6899mt8675mt6875mt8676mt6815mt6885mt6991mt8883mt2737mt6835MediaTek chipset
CWE ID-CWE-617
Reachable Assertion
CVE-2026-20404
Assigner-MediaTek, Inc.
ShareView Details
Assigner-MediaTek, Inc.
CVSS Score-6.5||MEDIUM
EPSS-0.46% / 36.83%
||
7 Day CHG~0.00%
Published-02 Feb, 2026 | 08:14
Updated-30 Mar, 2026 | 13:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Modem, there is a possible system crash due to improper input validation. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01689248; Issue ID: MSV-4837.

Action-Not Available
Vendor-MediaTek Inc.
Product-mt8673mt8893mt8755nr16mt6879mt6989mt8791tmt6813mt6883nr17mt6897mt6986mt8793mt6855mt6985mt2735mt8873mt6890mt6893mt8668mt8863mt6980nr17rmt6853mt6889mt8795tmt8798mt8791mt6990mt8678mt6833mt6873mt6878mt6880mt8797nr15mt6895mt6896mt8771mt8792mt6858mt6983mt6877mt6886mt6891mt6993mt6899mt8675mt6875mt8676mt6815mt6885mt6991mt8883mt2737mt6835MediaTek chipset
CWE ID-CWE-787
Out-of-bounds Write
CVE-2026-20403
Assigner-MediaTek, Inc.
ShareView Details
Assigner-MediaTek, Inc.
CVSS Score-6.5||MEDIUM
EPSS-0.22% / 11.96%
||
7 Day CHG~0.00%
Published-02 Feb, 2026 | 08:14
Updated-30 Mar, 2026 | 13:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Modem, there is a possible system crash due to a missing bounds check. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01689254 (Note: For N15 and NR16) / MOLY01689259 (Note: For NR17 and NR17R); Issue ID: MSV-4843.

Action-Not Available
Vendor-MediaTek Inc.
Product-mt8673mt8893nr16mt6879mt6989mt8791tmt6813mt6883nr17mt6897mt6855mt6985mt2735mt6890mt6893mt6980nr17rmt6853mt6889mt8795tmt8798mt8791mt6990mt6833mt6873mt6878mt6880mt8797nr15mt6895mt6896mt8771mt6983mt6877mt6886mt6891mt6993mt6899mt8675mt6875mt8676mt6815mt6885mt6991mt2737mt6835MediaTek chipset
CWE ID-CWE-787
Out-of-bounds Write
CVE-2026-20422
Assigner-MediaTek, Inc.
ShareView Details
Assigner-MediaTek, Inc.
CVSS Score-6.5||MEDIUM
EPSS-0.22% / 11.96%
||
7 Day CHG~0.00%
Published-02 Feb, 2026 | 08:14
Updated-30 Mar, 2026 | 13:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Modem, there is a possible system crash due to improper input validation. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY00827332; Issue ID: MSV-5919.

Action-Not Available
Vendor-MediaTek Inc.
Product-mt8673mt8893mt8755nr16mt6879mt6989mt8791tmt6813mt6883nr17mt6897mt6986mt8793mt6855mt6985mt2735mt8873mt6890mt6893mt8668mt8863mt6980nr17rmt6853mt6889mt8795tmt8798mt8791mt6990mt8678mt6833mt6873mt6878mt6880mt8775mt8797nr15mt6895mt6896mt8771mt8792mt6858mt6983mt6877mt6886mt6891mt6993mt6899mt8675mt6875mt8676mt6815mt6885mt6991mt8883mt2737mt6835MediaTek chipset
CWE ID-CWE-617
Reachable Assertion
CVE-2026-20420
Assigner-MediaTek, Inc.
ShareView Details
Assigner-MediaTek, Inc.
CVSS Score-6.5||MEDIUM
EPSS-0.22% / 11.96%
||
7 Day CHG~0.00%
Published-02 Feb, 2026 | 08:14
Updated-30 Mar, 2026 | 13:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Modem, there is a possible system crash due to incorrect error handling. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01738313; Issue ID: MSV-5935.

Action-Not Available
Vendor-MediaTek Inc.
Product-nr16mt6879mt6989mt6813mt6883nr17mt6897mt6986mt6855mt6985mt2735mt6890mt6893mt6980nr17rmt6853mt6889mt8791mt6990mt6833mt6873mt6878mt6880nr15mt6895mt6896mt6858mt6983mt6877mt6886mt6891mt6993mt6899mt6875mt8676mt6815mt6885mt6991mt2737mt6835MediaTek chipset
CWE ID-CWE-125
Out-of-bounds Read
CVE-2025-20787
Assigner-MediaTek, Inc.
ShareView Details
Assigner-MediaTek, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.07% / 0.07%
||
7 Day CHG~0.00%
Published-06 Jan, 2026 | 01:47
Updated-30 Mar, 2026 | 13:04
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In display, there is a possible memory corruption due to use after free. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10149879; Issue ID: MSV-4658.

Action-Not Available
Vendor-Google LLCMediaTek Inc.
Product-mt6833mt6886mt6765mt6789mt6739mt8676androidmt6879mt6761mt6855mt6989mt6991mt8796mt6893mt6895mt6835mt6897mt6985mt6899mt8678mt2718mt6853mt8196mt6889mt6877mt6883mt6885mt6983mt6878mt6768mt6781MediaTek chipset
CWE ID-CWE-416
Use After Free
CVE-2025-20786
Assigner-MediaTek, Inc.
ShareView Details
Assigner-MediaTek, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.07% / 0.07%
||
7 Day CHG~0.00%
Published-06 Jan, 2026 | 01:47
Updated-30 Mar, 2026 | 13:04
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In display, there is a possible memory corruption due to use after free. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10149882; Issue ID: MSV-4673.

Action-Not Available
Vendor-Google LLCMediaTek Inc.
Product-mt6768mt6983mt8673mt6895mt6765mt8791tmt8676mt8798mt8186mt6897mt6789mt8196mt8771mt6833mt8781mt6889mt8765mt8795tmt6835mt8667mt6886mt6878mt6885mt8793mt8796mt8768mt6991mt8188mt6989mt6883mt6899mt6893mt8883mt6853mt8792mt8873mt8766mt6761mt8678androidmt6781mt6985mt6739mt6855mt6877mt6879MediaTek chipset
CWE ID-CWE-415
Double Free
CWE ID-CWE-416
Use After Free
CVE-2025-20785
Assigner-MediaTek, Inc.
ShareView Details
Assigner-MediaTek, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.07% / 0.07%
||
7 Day CHG~0.00%
Published-06 Jan, 2026 | 01:47
Updated-30 Mar, 2026 | 13:04
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In display, there is a possible memory corruption due to use after free. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10149882; Issue ID: MSV-4677.

Action-Not Available
Vendor-Google LLCMediaTek Inc.
Product-mt6833mt6886mt6765mt8795tandroidmt6879mt6989mt6991mt6893mt6895mt6835mt6897mt6985mt6899mt8678mt8196mt6877mt8768mt6983mt8792mt8793mt8667mt6878mt6768mt8796mt8798mt6789mt6739mt8676mt8771mt6761mt6855mt8766mt6853mt6889mt8186mt8188mt6883mt8765mt8791tmt8873mt6885mt8673mt8883mt6781mt8781MediaTek chipset
CWE ID-CWE-416
Use After Free
CVE-2025-20784
Assigner-MediaTek, Inc.
ShareView Details
Assigner-MediaTek, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.07% / 0.07%
||
7 Day CHG~0.00%
Published-06 Jan, 2026 | 01:47
Updated-30 Mar, 2026 | 13:04
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In display, there is a possible memory corruption due to uninitialized data. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10182882; Issue ID: MSV-4683.

Action-Not Available
Vendor-Google LLCMediaTek Inc.
Product-mt6833mt6886mt6765mt8795tandroidmt6879mt6989mt6991mt6893mt6895mt6835mt6897mt6985mt6899mt8678mt8196mt6877mt8768mt6983mt8792mt8793mt8667mt6878mt6768mt8796mt8798mt6789mt6739mt8676mt8771mt6761mt6855mt8766mt6853mt6889mt8186mt8188mt6883mt8765mt8791tmt8873mt6885mt8673mt8883mt6781mt8781MediaTek chipset
CWE ID-CWE-457
Use of Uninitialized Variable
CVE-2025-20783
Assigner-MediaTek, Inc.
ShareView Details
Assigner-MediaTek, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.07% / 0.07%
||
7 Day CHG~0.00%
Published-06 Jan, 2026 | 01:47
Updated-30 Mar, 2026 | 13:04
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In display, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10182882; Issue ID: MSV-4684.

Action-Not Available
Vendor-Google LLCMediaTek Inc.
Product-mt6833mt6886mt6765mt8795tandroidmt6879mt6989mt6991mt6893mt6895mt6835mt6897mt6985mt6899mt8678mt8196mt6877mt8768mt6983mt8792mt8793mt8667mt6878mt6768mt8796mt8798mt6789mt6739mt8676mt8771mt6761mt6855mt8766mt6853mt6889mt8186mt8188mt6883mt8765mt8791tmt8873mt6885mt8673mt8883mt6781mt8781MediaTek chipset
CWE ID-CWE-787
Out-of-bounds Write
CVE-2025-20782
Assigner-MediaTek, Inc.
ShareView Details
Assigner-MediaTek, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.08% / 0.22%
||
7 Day CHG~0.00%
Published-06 Jan, 2026 | 01:46
Updated-30 Mar, 2026 | 13:04
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In display, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10182882; Issue ID: MSV-4685.

Action-Not Available
Vendor-Google LLCMediaTek Inc.
Product-mt6833mt6886mt6765mt8795tandroidmt6879mt6989mt6991mt6893mt6895mt6835mt6897mt6985mt6899mt8678mt8196mt6877mt8768mt6983mt8792mt8793mt8667mt6878mt6768mt8796mt8798mt6789mt6739mt8676mt8771mt6761mt6855mt8766mt6853mt6889mt8186mt8188mt6883mt8765mt8791tmt8873mt6885mt8673mt8883mt6781mt8781MediaTek chipset
CWE ID-CWE-787
Out-of-bounds Write
CVE-2025-20781
Assigner-MediaTek, Inc.
ShareView Details
Assigner-MediaTek, Inc.
CVSS Score-7.8||HIGH
EPSS-0.07% / 0.06%
||
7 Day CHG~0.00%
Published-06 Jan, 2026 | 01:46
Updated-30 Mar, 2026 | 13:04
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In display, there is a possible memory corruption due to use after free. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10182914; Issue ID: MSV-4699.

Action-Not Available
Vendor-Google LLCMediaTek Inc.
Product-mt6768mt6983mt8673mt6895mt6765mt8791tmt8676mt8798mt8186mt6897mt6789mt8196mt8771mt6833mt8781mt6889mt8765mt8795tmt6835mt8667mt6886mt6878mt6885mt8793mt8796mt8768mt6991mt8188mt6989mt6883mt6899mt6893mt8883mt6853mt8792mt8873mt8766mt6761mt8678androidmt6781mt6985mt6739mt6855mt6877mt6879MediaTek chipset
CWE ID-CWE-415
Double Free
CWE ID-CWE-416
Use After Free
CVE-2025-20780
Assigner-MediaTek, Inc.
ShareView Details
Assigner-MediaTek, Inc.
CVSS Score-7.8||HIGH
EPSS-0.08% / 0.27%
||
7 Day CHG~0.00%
Published-06 Jan, 2026 | 01:46
Updated-30 Mar, 2026 | 13:04
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In display, there is a possible memory corruption due to use after free. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10184061; Issue ID: MSV-4712.

Action-Not Available
Vendor-Google LLCMediaTek Inc.
Product-mt6833mt6886mt6765mt8795tandroidmt6879mt6989mt6991mt6893mt6895mt6835mt6897mt6985mt6899mt8678mt8196mt6877mt8768mt6983mt8792mt8793mt8667mt6878mt6768mt8796mt8798mt6789mt6739mt8676mt8771mt6761mt6855mt8766mt6853mt6889mt8186mt8188mt6883mt8765mt8791tmt8873mt6885mt8673mt8883mt6781mt8781MediaTek chipset
CWE ID-CWE-416
Use After Free
CVE-2025-20779
Assigner-MediaTek, Inc.
ShareView Details
Assigner-MediaTek, Inc.
CVSS Score-7||HIGH
EPSS-0.07% / 0.10%
||
7 Day CHG~0.00%
Published-06 Jan, 2026 | 01:46
Updated-30 Mar, 2026 | 13:04
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In display, there is a possible use after free due to a race condition. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10184084; Issue ID: MSV-4720.

Action-Not Available
Vendor-Google LLCMediaTek Inc.
Product-mt6833mt6886mt6765mt8795tandroidmt6879mt6989mt6991mt6893mt6895mt6835mt6897mt6985mt6899mt8678mt8196mt6877mt8768mt6983mt8792mt8793mt8667mt6878mt6768mt8796mt8798mt6789mt6739mt8676mt8771mt6761mt6855mt8766mt6853mt6889mt8186mt8188mt6883mt8765mt8791tmt8873mt6885mt8673mt8883mt6781mt8781MediaTek chipset
CWE ID-CWE-416
Use After Free
CVE-2025-20778
Assigner-MediaTek, Inc.
ShareView Details
Assigner-MediaTek, Inc.
CVSS Score-7.8||HIGH
EPSS-0.07% / 0.11%
||
7 Day CHG~0.00%
Published-06 Jan, 2026 | 01:46
Updated-30 Mar, 2026 | 13:04
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In display, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10184870; Issue ID: MSV-4729.

Action-Not Available
Vendor-Google LLCMediaTek Inc.
Product-mt6833mt6886mt6765mt8795tandroidmt6879mt6989mt6991mt6893mt6895mt6835mt6897mt6985mt6899mt8678mt8196mt6877mt8768mt6983mt8792mt8793mt8667mt6878mt6768mt8796mt8798mt6789mt6739mt8676mt8771mt6761mt6855mt8766mt6853mt6889mt8186mt8188mt6883mt8765mt8791tmt8873mt6885mt8673mt8883mt6781mt8781MediaTek chipset
CWE ID-CWE-787
Out-of-bounds Write
CVE-2025-20798
Assigner-MediaTek, Inc.
ShareView Details
Assigner-MediaTek, Inc.
CVSS Score-7.8||HIGH
EPSS-0.08% / 0.19%
||
7 Day CHG~0.00%
Published-06 Jan, 2026 | 01:46
Updated-30 Mar, 2026 | 13:04
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In battery, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10315812; Issue ID: MSV-5533.

Action-Not Available
Vendor-Google LLCMediaTek Inc.
Product-mt6833mt6765mt8367androidmt6879mt6991mt6989mt6893mt6985mt6835mt8678mt8196mt6877mt8768mt8792mt8793mt8788emt8796mt6768mt8676mt8391mt6855mt2718mt6853mt8766mt8186mt8188mt8696mt8893mt8873mt8791tmt8883mt8786mt6781mt8781MediaTek chipset
CWE ID-CWE-787
Out-of-bounds Write
CVE-2025-20797
Assigner-MediaTek, Inc.
ShareView Details
Assigner-MediaTek, Inc.
CVSS Score-7.8||HIGH
EPSS-0.08% / 0.19%
||
7 Day CHG~0.00%
Published-06 Jan, 2026 | 01:46
Updated-30 Mar, 2026 | 13:04
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In battery, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10315812; Issue ID: MSV-5534.

Action-Not Available
Vendor-Google LLCMediaTek Inc.
Product-mt6833mt6765mt8367androidmt6879mt6991mt6989mt6893mt6985mt6835mt8678mt8196mt6877mt8768mt8792mt8793mt8788emt8796mt6768mt8676mt8391mt6855mt2718mt6853mt8766mt8186mt8188mt8696mt8893mt8873mt8791tmt8883mt8786mt6781mt8781MediaTek chipset
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2025-20760
Assigner-MediaTek, Inc.
ShareView Details
Assigner-MediaTek, Inc.
CVSS Score-6.5||MEDIUM
EPSS-0.26% / 17.11%
||
7 Day CHG~0.00%
Published-06 Jan, 2026 | 01:46
Updated-30 Mar, 2026 | 13:04
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Modem, there is a possible read of uninitialized heap data due to an uncaught exception. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01676750; Issue ID: MSV-4653.

Action-Not Available
Vendor-MediaTek Inc.
Product-mt8673mt8893mt8755nr16mt6879mt6989mt8791tmt6883mt6897nr17mt6986mt8793mt6855mt6985mt2735mt8873mt6890mt6893mt8863mt6980mt6853mt8795tmt8798mt8791mt6990mt8678mt6833mt6873mt6878mt6880mt8797nr15mt6895mt6896mt8771mt8792mt6983mt6877mt6886mt6891mt6993mt6899mt8675mt6875mt8676mt6889mt6885mt6991mt8883mt2737mt6835MediaTek chipset
CWE ID-CWE-617
Reachable Assertion
CVE-2025-20761
Assigner-MediaTek, Inc.
ShareView Details
Assigner-MediaTek, Inc.
CVSS Score-6.5||MEDIUM
EPSS-0.23% / 14.21%
||
7 Day CHG~0.00%
Published-06 Jan, 2026 | 01:46
Updated-30 Mar, 2026 | 13:04
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Modem, there is a possible system crash due to incorrect error handling. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01311265; Issue ID: MSV-4655.

Action-Not Available
Vendor-MediaTek Inc.
Product-mt8673mt8893mt8755nr16mt6879mt6989mt6853tmt8791tmt6883mt6897nr17mt8793mt6855mt6833pmt6985mt2735mt8873mt6890mt6893mt6877tmt8863mt6980mt6875tmt6853mt8795tmt2737mt6835tmt8798mt8791mt6990mt8678mt6833mt6873mt6880mt6983tmt8797mt6985tnr15mt6895mt6896mt8771mt8792mt6983mt6877mt6886mt6895ttmt6891mt8675mt6980dmt6875mt6855tmt8676mt6989tmt6889mt6885mt8883mt6877ttmt6835MediaTek chipset
CWE ID-CWE-754
Improper Check for Unusual or Exceptional Conditions
CVE-2025-20762
Assigner-MediaTek, Inc.
ShareView Details
Assigner-MediaTek, Inc.
CVSS Score-6.5||MEDIUM
EPSS-0.26% / 17.11%
||
7 Day CHG~0.00%
Published-06 Jan, 2026 | 01:46
Updated-30 Mar, 2026 | 13:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Modem, there is a possible system crash due to incorrect error handling. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01685181; Issue ID: MSV-4760.

Action-Not Available
Vendor-MediaTek Inc.
Product-mt8755mt6897nr17mt8793mt8792mt8873mt6878mmt8863mt6899mt6835tmt8676mt6991mt8883mt6878mt8678mt6835MediaTek chipset
CWE ID-CWE-617
Reachable Assertion
CVE-2025-20793
Assigner-MediaTek, Inc.
ShareView Details
Assigner-MediaTek, Inc.
CVSS Score-6.5||MEDIUM
EPSS-0.25% / 16.73%
||
7 Day CHG~0.00%
Published-06 Jan, 2026 | 01:46
Updated-30 Mar, 2026 | 13:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Modem, there is a possible system crash due to incorrect error handling. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01430930; Issue ID: MSV-4836.

Action-Not Available
Vendor-MediaTek Inc.
Product-mt8673mt8893mt8755nr16mt6879mt6989mt8791tmt6813mt6883nr17mt6897mt8793mt6855mt6985mt2735mt8873mt6890mt6893mt8863mt6980nr17rmt6853mt6889mt8795tmt8798mt8791mt6990mt8678mt6833mt6873mt6878mt6880mt8797nr15mt6895mt6896mt8771mt8792mt6983mt6877mt6886mt6891mt6993mt6899mt8675mt6875mt8676mt6815mt6885mt6991mt8883mt2737mt6835MediaTek chipset
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2025-20794
Assigner-MediaTek, Inc.
ShareView Details
Assigner-MediaTek, Inc.
CVSS Score-6.5||MEDIUM
EPSS-0.25% / 16.00%
||
7 Day CHG~0.00%
Published-06 Jan, 2026 | 01:46
Updated-30 Mar, 2026 | 13:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Modem, there is a possible system crash due to improper input validation. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01689259 / MOLY01586470; Issue ID: MSV-4847.

Action-Not Available
Vendor-MediaTek Inc.
Product-mt8673mt8893mt8755nr16mt6879mt6989mt8791tmt6813mt6883nr17mt6897mt6986mt8793mt6855mt6985mt2735mt8873mt6890mt6893mt8863mt6980nr17rmt6853mt6889mt8795tmt8798mt8791mt6990mt8678mt6833mt6873mt6878mt6880mt8797nr15mt6895mt6896mt8771mt8792mt6983mt6877mt6886mt6891mt6993mt6899mt8675mt6875mt8676mt6815mt6885mt6991mt8883mt2737mt6835MediaTek chipset
CWE ID-CWE-121
Stack-based Buffer Overflow
CVE-2025-20795
Assigner-MediaTek, Inc.
ShareView Details
Assigner-MediaTek, Inc.
CVSS Score-7.8||HIGH
EPSS-0.08% / 0.14%
||
7 Day CHG~0.00%
Published-06 Jan, 2026 | 01:46
Updated-30 Mar, 2026 | 13:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In KeyInstall, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10276761; Issue ID: MSV-5141.

Action-Not Available
Vendor-Google LLCMediaTek Inc.
Product-mt6833mt6886mt6765mt6873mt6580androidmt8395mt6879mt6989mt6991mt8755mt6893mt6895mt6835mt6897mt6985mt6899mt8678mt8196mt6877mt8370mt8195mt8768mt6983mt8792mt8793mt8788emt6878mt6768mt8796mt6789mt6739mt8390mt8391mt8676mt6785mt6761mt6855mt2718mt6853mt8766mt6889mt8186mt8188mt8696mt6883mt8893mt8873mt8791tmt6885mt8883mt6779mt8786mt6781mt8781MediaTek chipset
CWE ID-CWE-787
Out-of-bounds Write
CVE-2025-20777
Assigner-MediaTek, Inc.
ShareView Details
Assigner-MediaTek, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.07% / 0.10%
||
7 Day CHG~0.00%
Published-02 Dec, 2025 | 02:34
Updated-26 Feb, 2026 | 16:57
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In display, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10184870; Issue ID: MSV-4752.

Action-Not Available
Vendor-MediaTek Inc.Google LLC
Product-mt8768mt6789mt8792mt6989mt8188mt8766mt8873mt8798mt8196mt6833mt8765mt8771mt6739mt6983mt8793mt6895mt8796mt6889mt8186mt8678mt6897mt8667mt8673mt6765mt6883mt6886mt6781mt6835mt6761mt6885mt6991mt8795tmt8781mt6893mt8676mt6855mt6768mt6877mt6899mt6879mt6878mt8791tmt8883androidmt6985mt6853MT6739, MT6761, MT6765, MT6768, MT6781, MT6789, MT6833, MT6835, MT6853, MT6855, MT6877, MT6878, MT6879, MT6883, MT6885, MT6886, MT6889, MT6893, MT6895, MT6897, MT6899, MT6983, MT6985, MT6989, MT6991, MT8186, MT8188, MT8196, MT8667, MT8673, MT8676, MT8678, MT8765, MT8766, MT8768, MT8771, MT8781, MT8791T, MT8792, MT8793, MT8795T, MT8796, MT8798, MT8873, MT8883
CWE ID-CWE-787
Out-of-bounds Write
CVE-2025-20776
Assigner-MediaTek, Inc.
ShareView Details
Assigner-MediaTek, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.07% / 0.10%
||
7 Day CHG~0.00%
Published-02 Dec, 2025 | 02:34
Updated-26 Feb, 2026 | 16:57
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In display, there is a possible out of bounds read due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10184297; Issue ID: MSV-4759.

Action-Not Available
Vendor-MediaTek Inc.Google LLC
Product-mt8768mt6789mt8792mt6989mt8188mt8766mt8873mt8798mt8196mt6833mt8765mt8771mt6739mt6983mt8793mt6895mt8796mt6889mt8186mt8678mt6897mt8667mt8673mt6765mt6883mt6886mt6781mt6835mt6761mt6885mt6991mt8795tmt8781mt6893mt8676mt6855mt6768mt6877mt6899mt6879mt6878mt8791tmt8883androidmt6985mt6853MT6739, MT6761, MT6765, MT6768, MT6781, MT6789, MT6833, MT6835, MT6853, MT6855, MT6877, MT6878, MT6879, MT6883, MT6885, MT6886, MT6889, MT6893, MT6895, MT6897, MT6899, MT6983, MT6985, MT6989, MT6991, MT8186, MT8188, MT8196, MT8667, MT8673, MT8676, MT8678, MT8765, MT8766, MT8768, MT8771, MT8781, MT8791T, MT8792, MT8793, MT8795T, MT8796, MT8798, MT8873, MT8883
CWE ID-CWE-125
Out-of-bounds Read
CVE-2025-20775
Assigner-MediaTek, Inc.
ShareView Details
Assigner-MediaTek, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.07% / 0.10%
||
7 Day CHG~0.00%
Published-02 Dec, 2025 | 02:34
Updated-26 Feb, 2026 | 16:57
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In display, there is a possible memory corruption due to use after free. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10182914; Issue ID: MSV-4795.

Action-Not Available
Vendor-MediaTek Inc.Google LLC
Product-mt6833mt6886mt6765mt8795tandroidmt6879mt6989mt6991mt6893mt6895mt6835mt6897mt6985mt6899mt8678mt8196mt6877mt8768mt6983mt8792mt8793mt8667mt6878mt6768mt8796mt8798mt6789mt6739mt8676mt8771mt6761mt6855mt8766mt6853mt6889mt8186mt8188mt6883mt8765mt8791tmt8873mt6885mt8673mt8883mt6781mt8781MT6739, MT6761, MT6765, MT6768, MT6781, MT6789, MT6833, MT6835, MT6853, MT6855, MT6877, MT6878, MT6879, MT6883, MT6885, MT6886, MT6889, MT6893, MT6895, MT6897, MT6899, MT6983, MT6985, MT6989, MT6991, MT8186, MT8188, MT8196, MT8667, MT8673, MT8676, MT8678, MT8765, MT8766, MT8768, MT8771, MT8781, MT8791T, MT8792, MT8793, MT8795T, MT8796, MT8798, MT8873, MT8883
CWE ID-CWE-416
Use After Free
CVE-2025-20774
Assigner-MediaTek, Inc.
ShareView Details
Assigner-MediaTek, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.07% / 0.10%
||
7 Day CHG~0.00%
Published-02 Dec, 2025 | 02:34
Updated-26 Feb, 2026 | 16:57
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In display, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10196993; Issue ID: MSV-4796.

Action-Not Available
Vendor-MediaTek Inc.Google LLC
Product-mt6789mt8792mt6989mt8196mt6833mt6739mt6983mt8793mt6895mt6889mt8678mt6897mt6765mt6883mt6886mt6781mt6835mt6761mt6885mt6991mt6893mt2718mt6855mt6768mt6877mt8676mt6899mt6879mt6878androidmt6985mt6853MT2718, MT6739, MT6761, MT6765, MT6768, MT6781, MT6789, MT6833, MT6835, MT6853, MT6855, MT6877, MT6878, MT6879, MT6883, MT6885, MT6886, MT6889, MT6893, MT6895, MT6897, MT6899, MT6983, MT6985, MT6989, MT6991, MT8196, MT8676, MT8678, MT8792, MT8793
CWE ID-CWE-122
Heap-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2025-20773
Assigner-MediaTek, Inc.
ShareView Details
Assigner-MediaTek, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.07% / 0.10%
||
7 Day CHG~0.00%
Published-02 Dec, 2025 | 02:34
Updated-26 Feb, 2026 | 16:57
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In display, there is a possible memory corruption due to use after free. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10196993; Issue ID: MSV-4797.

Action-Not Available
Vendor-MediaTek Inc.Google LLC
Product-mt6833mt6886mt6765androidmt6879mt6989mt6991mt6893mt6895mt6835mt6897mt6985mt6899mt8678mt8196mt6877mt6983mt8792mt8793mt6878mt6768mt6789mt6739mt8676mt6761mt6855mt2718mt6853mt6889mt6883mt6885mt6781MT2718, MT6739, MT6761, MT6765, MT6768, MT6781, MT6789, MT6833, MT6835, MT6853, MT6855, MT6877, MT6878, MT6879, MT6883, MT6885, MT6886, MT6889, MT6893, MT6895, MT6897, MT6899, MT6983, MT6985, MT6989, MT6991, MT8196, MT8676, MT8678, MT8792, MT8793
CWE ID-CWE-416
Use After Free
CVE-2025-20772
Assigner-MediaTek, Inc.
ShareView Details
Assigner-MediaTek, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.07% / 0.10%
||
7 Day CHG~0.00%
Published-02 Dec, 2025 | 02:34
Updated-26 Feb, 2026 | 16:57
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In display, there is a possible memory corruption due to use after free. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10182914; Issue ID: MSV-4795.

Action-Not Available
Vendor-MediaTek Inc.Google LLC
Product-mt6833mt6886mt6765androidmt6879mt6989mt6991mt6893mt6895mt6835mt6897mt6985mt6899mt8678mt8196mt6877mt6983mt8792mt8793mt6878mt6768mt6789mt6739mt8676mt6761mt6855mt2718mt6853mt6889mt6883mt6885mt6781MT6739, MT6761, MT6765, MT6768, MT6781, MT6789, MT6833, MT6835, MT6853, MT6855, MT6877, MT6878, MT6879, MT6883, MT6885, MT6886, MT6889, MT6893, MT6895, MT6897, MT6899, MT6983, MT6985, MT6989, MT6991, MT8186, MT8188, MT8196, MT8667, MT8673, MT8676, MT8678, MT8765, MT8766, MT8768, MT8771, MT8781, MT8791T, MT8792, MT8793, MT8795T, MT8796, MT8798, MT8873, MT8883
CWE ID-CWE-416
Use After Free
CVE-2025-20771
Assigner-MediaTek, Inc.
ShareView Details
Assigner-MediaTek, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.07% / 0.10%
||
7 Day CHG~0.00%
Published-02 Dec, 2025 | 02:34
Updated-26 Feb, 2026 | 16:57
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In display, there is a possible escalation of privilege due to improper input validation. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10196993; Issue ID: MSV-4802.

Action-Not Available
Vendor-MediaTek Inc.Google LLC
Product-mt6789mt8792mt6989mt8196mt6833mt6739mt6983mt8793mt6895mt6889mt8678mt6897mt6765mt6883mt6886mt6781mt6835mt6761mt6885mt6991mt6893mt2718mt6855mt6768mt6877mt8676mt6899mt6879mt6878androidmt6985mt6853MT2718, MT6739, MT6761, MT6765, MT6768, MT6781, MT6789, MT6833, MT6835, MT6853, MT6855, MT6877, MT6878, MT6879, MT6883, MT6885, MT6886, MT6889, MT6893, MT6895, MT6897, MT6899, MT6983, MT6985, MT6989, MT6991, MT8196, MT8676, MT8678, MT8792, MT8793
CWE ID-CWE-457
Use of Uninitialized Variable
CVE-2025-20770
Assigner-MediaTek, Inc.
ShareView Details
Assigner-MediaTek, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.07% / 0.10%
||
7 Day CHG~0.00%
Published-02 Dec, 2025 | 02:34
Updated-26 Feb, 2026 | 16:57
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In display, there is a possible memory corruption due to use after free. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10196993; Issue ID: MSV-4803.

Action-Not Available
Vendor-MediaTek Inc.Google LLC
Product-mt6789mt8792mt6989mt8196mt6833mt6739mt6983mt8793mt6895mt6889mt8678mt6897mt6765mt6883mt6886mt6781mt6835mt6761mt6885mt6991mt6893mt2718mt6855mt6768mt6877mt8676mt6899mt6879mt6878androidmt6985mt6853MT2718, MT6739, MT6761, MT6765, MT6768, MT6781, MT6789, MT6833, MT6835, MT6853, MT6855, MT6877, MT6878, MT6879, MT6883, MT6885, MT6886, MT6889, MT6893, MT6895, MT6897, MT6899, MT6983, MT6985, MT6989, MT6991, MT8196, MT8676, MT8678, MT8792, MT8793
CWE ID-CWE-416
Use After Free
CVE-2025-20769
Assigner-MediaTek, Inc.
ShareView Details
Assigner-MediaTek, Inc.
CVSS Score-3.4||LOW
EPSS-0.07% / 0.08%
||
7 Day CHG~0.00%
Published-02 Dec, 2025 | 02:34
Updated-26 Feb, 2026 | 16:57
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In display, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10196993; Issue ID: MSV-4804.

Action-Not Available
Vendor-MediaTek Inc.Google LLC
Product-mt6789mt8792mt6989mt8196mt6833mt6739mt6983mt8793mt6895mt6889mt8678mt6897mt6765mt6883mt6886mt6781mt6835mt6761mt6885mt6991mt6893mt2718mt6855mt6768mt6877mt8676mt6899mt6879mt6878androidmt6985mt6853MT2718, MT6739, MT6761, MT6765, MT6768, MT6781, MT6789, MT6833, MT6835, MT6853, MT6855, MT6877, MT6878, MT6879, MT6883, MT6885, MT6886, MT6889, MT6893, MT6895, MT6897, MT6899, MT6983, MT6985, MT6989, MT6991, MT8196, MT8676, MT8678, MT8792, MT8793
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
  • Previous
  • 1
  • 2
  • 3
  • 4
  • 5
  • Next