Out of Bounds Write Vulnerability in Mediatek Charger Software
CVE-2025-20749
Key Information:
- Vendor
MediaTek
- Vendor
- CVE Published:
- 4 November 2025
What is CVE-2025-20749?
The charger software developed by Mediatek is susceptible to a serious vulnerability that allows for an out of bounds write due to the absence of proper bounds checking. This flaw can enable a malicious actor, who has already secured system privileges, to escalate their access without needing any user interaction. The implications of this vulnerability are significant, as it could facilitate unauthorized access and control over the system. To address this issue, Mediatek has released a patch identified as ALPS09915493. For more information, please refer to Mediatek's official product security bulletin.
Affected Version(s)
MT6789, MT6835, MT6855, MT6878, MT6879, MT6886, MT6897, MT6899, MT6983, MT6985, MT6989, MT6991, MT8169, MT8188, MT8195, MT8196, MT8781, MT8796 Android 14.0, 15.0, 16.0