Memory Corruption Vulnerability in MediaTek Products
CVE-2025-20785

6.7MEDIUM

Key Information:

Vendor

MediaTek
Status
Mt6739, Mt6761, Mt6765, Mt6768, Mt6781, Mt6789, Mt6833, Mt6835, Mt6853, Mt6855, Mt6877, Mt6878, Mt6879, Mt6883, Mt6885, Mt6886, Mt6889, Mt6893, Mt6895, Mt6897, Mt6899, Mt6983, Mt6985, Mt6989, Mt6991, Mt8186, Mt8188, Mt8196, Mt8667, Mt8673, Mt8676, Mt8678, Mt8765, Mt8766, Mt8768, Mt8771, Mt8781, Mt8791t, Mt8792, Mt8793, Mt8795t, Mt8796, Mt8798, Mt8873, Mt8883
Vendor
CVE Published:
6 January 2026

What is CVE-2025-20785?

A vulnerability exists in MediaTek systems that can result in memory corruption due to a 'use after free' condition. This issue enables a potential local escalation of privileges when an attacker already possesses system privileges. Notably, user interaction is not required for the exploit to occur, which heightens the risk of unauthorized access. Patching this vulnerability is crucial to mitigate potential threats and ensure product security.

Affected Version(s)

MT6739, MT6761, MT6765, MT6768, MT6781, MT6789, MT6833, MT6835, MT6853, MT6855, MT6877, MT6878, MT6879, MT6883, MT6885, MT6886, MT6889, MT6893, MT6895, MT6897, MT6899, MT6983, MT6985, MT6989, MT6991, MT8186, MT8188, MT8196, MT8667, MT8673, MT8676, MT8678, MT8765, MT8766, MT8768, MT8771, MT8781, MT8791T, MT8792, MT8793, MT8795T, MT8796, MT8798, MT8873, MT8883 Android 14.0, 15.0, 16.0

References

https://corp.mediatek.com/product-security-bulletin/Janua...

CVSS V3.1

Score:
6.7
Severity:
MEDIUM
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
High
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.
CVE-2025-20785 : Memory Corruption Vulnerability in MediaTek Products