Out of Bounds Write Vulnerability in MediaTek Products
CVE-2025-20778

7.8HIGH

Key Information:

Vendor: MediaTek
Status: Mediatek Chipset
Vendor: CVE Published:; 6 January 2026

What is CVE-2025-20778?

An out of bounds write vulnerability exists in certain MediaTek products due to a lack of proper bounds checking. This flaw can enable a malicious actor, who already possesses system-level privileges, to escalate their access without the need for user interaction. The issue is cataloged under Patch ID: ALPS10184870 and Issue ID: MSV-4729. Remediation is crucial to safeguard against potential exploitations.

Affected Version(s)

MediaTek chipset MT6739

MediaTek chipset MT6761

MediaTek chipset MT6765

References

https://corp.mediatek.com/product-security-bulletin/Janua...

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jan 6, 2026
Vulnerability Reserved
Nov 1, 2024

CVE-2025-20778 Data

JSON