Memory Corruption Vulnerability in MediaTek Devices
CVE-2025-20780

7.8HIGH

Key Information:

Vendor

MediaTek
Status
Mt6739, Mt6761, Mt6765, Mt6768, Mt6781, Mt6789, Mt6833, Mt6835, Mt6853, Mt6855, Mt6877, Mt6878, Mt6879, Mt6883, Mt6885, Mt6886, Mt6889, Mt6893, Mt6895, Mt6897, Mt6899, Mt6983, Mt6985, Mt6989, Mt6991, Mt8186, Mt8188, Mt8196, Mt8667, Mt8673, Mt8676, Mt8678, Mt8765, Mt8766, Mt8768, Mt8771, Mt8781, Mt8791t, Mt8792, Mt8793, Mt8795t, Mt8796, Mt8798, Mt8873, Mt8883
Vendor
CVE Published:
6 January 2026

What is CVE-2025-20780?

A potential memory corruption issue exists within MediaTek devices due to a use-after-free condition in the display component. This vulnerability allows a malicious actor, who has gained system privileges, to escalate privileges without requiring user interaction. This could lead to serious security risks if not addressed appropriately. Affected users should apply the necessary patches to ensure their systems remain secure.

Affected Version(s)

MT6739, MT6761, MT6765, MT6768, MT6781, MT6789, MT6833, MT6835, MT6853, MT6855, MT6877, MT6878, MT6879, MT6883, MT6885, MT6886, MT6889, MT6893, MT6895, MT6897, MT6899, MT6983, MT6985, MT6989, MT6991, MT8186, MT8188, MT8196, MT8667, MT8673, MT8676, MT8678, MT8765, MT8766, MT8768, MT8771, MT8781, MT8791T, MT8792, MT8793, MT8795T, MT8796, MT8798, MT8873, MT8883 Android 15.0, 16.0

References

https://corp.mediatek.com/product-security-bulletin/Janua...

CVSS V3.1

Score:
7.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.
CVE-2025-20780 : Memory Corruption Vulnerability in MediaTek Devices