Filtered by vendor Mediatek
Subscriptions
Filtered by product Mt6991
Subscriptions
Total
73 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-20801 | 1 Mediatek | 10 Mt6878, Mt6897, Mt6899 and 7 more | 2026-01-06 | 7 High |
| In seninf, there is a possible memory corruption due to a race condition. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10251210; Issue ID: MSV-4926. | ||||
| CVE-2025-20800 | 1 Mediatek | 6 Mt2718, Mt6899, Mt6989 and 3 more | 2026-01-06 | 7.8 High |
| In mminfra, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10267349; Issue ID: MSV-5033. | ||||
| CVE-2025-20797 | 1 Mediatek | 34 Mt2718, Mt6765, Mt6768 and 31 more | 2026-01-06 | 7.8 High |
| In battery, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10315812; Issue ID: MSV-5534. | ||||
| CVE-2025-20795 | 1 Mediatek | 54 Mt2718, Mt6580, Mt6739 and 51 more | 2026-01-06 | 7.8 High |
| In KeyInstall, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10276761; Issue ID: MSV-5141. | ||||
| CVE-2025-20794 | 2 Mediatek, Mediatk | 49 Mt6813, Mt6815, Mt6835 and 46 more | 2026-01-06 | 7.5 High |
| In Modem, there is a possible system crash due to improper input validation. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01689259 / MOLY01586470; Issue ID: MSV-4847. | ||||
| CVE-2025-20779 | 1 Mediatek | 45 Mt6739, Mt6761, Mt6765 and 42 more | 2026-01-06 | 7 High |
| In display, there is a possible use after free due to a race condition. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10184084; Issue ID: MSV-4720. | ||||
| CVE-2025-20762 | 1 Mediatek | 15 Mt6835, Mt6835t, Mt6878 and 12 more | 2026-01-06 | 7.5 High |
| In Modem, there is a possible system crash due to incorrect error handling. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01685181; Issue ID: MSV-4760. | ||||
| CVE-2025-20760 | 1 Mediatek | 48 Mt2735, Mt2737, Mt6833 and 45 more | 2026-01-06 | 7.5 High |
| In Modem, there is a possible read of uninitialized heap data due to an uncaught exception. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01676750; Issue ID: MSV-4653. | ||||
| CVE-2025-20807 | 1 Mediatek | 3 Mt6899, Mt6991, Mt8793 | 2026-01-06 | 6.7 Medium |
| In dpe, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10114841; Issue ID: MSV-4451. | ||||
| CVE-2025-20806 | 1 Mediatek | 3 Mt6899, Mt6991, Mt8793 | 2026-01-06 | 6.7 Medium |
| In dpe, there is a possible memory corruption due to use after free. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10114835; Issue ID: MSV-4479. | ||||
| CVE-2025-20805 | 1 Mediatek | 3 Mt6899, Mt6991, Mt8793 | 2026-01-06 | 6.7 Medium |
| In dpe, there is a possible memory corruption due to use after free. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10114696; Issue ID: MSV-4480. | ||||
| CVE-2025-20804 | 1 Mediatek | 2 Mt6899, Mt6991 | 2026-01-06 | 6.7 Medium |
| In dpe, there is a possible memory corruption due to use after free. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is needed for exploitation. Patch ID: ALPS10198951; Issue ID: MSV-4503. | ||||
| CVE-2025-20803 | 1 Mediatek | 3 Mt6899, Mt6991, Mt8793 | 2026-01-06 | 6.7 Medium |
| In dpe, there is a possible memory corruption due to an integer overflow. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is needed for exploitation. Patch ID: ALPS10199779; Issue ID: MSV-4504. | ||||
| CVE-2025-20782 | 1 Mediatek | 45 Mt6739, Mt6761, Mt6765 and 42 more | 2026-01-06 | 6.7 Medium |
| In display, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10182882; Issue ID: MSV-4685. | ||||
| CVE-2025-20784 | 2 Mediatek, Mediatk | 45 Mt6781, Mt6789, Mt6835 and 42 more | 2026-01-06 | 6.7 Medium |
| In display, there is a possible memory corruption due to uninitialized data. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10182882; Issue ID: MSV-4683. | ||||
| CVE-2025-20787 | 1 Mediatek | 30 Mt2718, Mt6739, Mt6761 and 27 more | 2026-01-06 | 6.7 Medium |
| In display, there is a possible memory corruption due to use after free. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10149879; Issue ID: MSV-4658. | ||||
| CVE-2025-20786 | 1 Mediatek | 45 Mt6739, Mt6761, Mt6765 and 42 more | 2026-01-06 | 6.7 Medium |
| In display, there is a possible memory corruption due to use after free. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10149882; Issue ID: MSV-4673. | ||||
| CVE-2025-20768 | 2 Google, Mediatek | 26 Android, Mt6739, Mt6761 and 23 more | 2025-12-04 | 7.8 High |
| In display, there is a possible out of bounds read due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10196993; Issue ID: MSV-4805. | ||||
| CVE-2025-20752 | 1 Mediatek | 50 Modem, Mt2735, Mt2737 and 47 more | 2025-12-04 | 6.5 Medium |
| In Modem, there is a possible system crash due to a missing bounds check. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01270690; Issue ID: MSV-4301. | ||||
| CVE-2025-20754 | 1 Mediatek | 64 Mt2735, Mt2737, Mt6813 and 61 more | 2025-12-04 | 5.3 Medium |
| In Modem, there is a possible system crash due to an incorrect bounds check. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01689251; Issue ID: MSV-4840. | ||||