Privilege Escalation Vulnerability in MediaTek Preloader Software
CVE-2025-20730

Currently unrated

Key Information:

Vendor: MediaTek
Status: Mt2737, Mt6739, Mt6761, Mt6765, Mt6768, Mt6781, Mt6789, Mt6833, Mt6835, Mt6853, Mt6855, Mt6877, Mt6878, Mt6879, Mt6883, Mt6885, Mt6886, Mt6889, Mt6893, Mt6895, Mt6897, Mt6899, Mt6983, Mt6985, Mt6989, Mt6990, Mt6991, Mt8188, Mt8195, Mt8676, Mt8678, Mt8696
Vendor: CVE Published:; 4 November 2025

What is CVE-2025-20730?

A vulnerability in the MediaTek preloader software could allow an attacker to escalate privileges locally. If a malicious actor gains the System privilege, they can exploit this issue without requiring user interaction, potentially compromising the device's integrity and security.

Affected Version(s)

MT2737, MT6739, MT6761, MT6765, MT6768, MT6781, MT6789, MT6833, MT6835, MT6853, MT6855, MT6877, MT6878, MT6879, MT6883, MT6885, MT6886, MT6889, MT6893, MT6895, MT6897, MT6899, MT6983, MT6985, MT6989, MT6990, MT6991, MT8188, MT8195, MT8676, MT8678, MT8696 Android 13.0, 14.0, 15.0, 16.0 / openWRT 21.02, 23.05 / Yocto 4.0 / RDK-B 24Q1

References

https://corp.mediatek.com/product-security-bulletin/Novem...

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Nov 4, 2025
Vulnerability Reserved
Nov 1, 2024

JSON