Memory Corruption Vulnerability in MediaTek Product
CVE-2025-20786

6.7MEDIUM

Key Information:

Vendor

MediaTek
Status
Mt6739, Mt6761, Mt6765, Mt6768, Mt6781, Mt6789, Mt6833, Mt6835, Mt6853, Mt6855, Mt6877, Mt6878, Mt6879, Mt6883, Mt6885, Mt6886, Mt6889, Mt6893, Mt6895, Mt6897, Mt6899, Mt6983, Mt6985, Mt6989, Mt6991, Mt8186, Mt8188, Mt8196, Mt8667, Mt8673, Mt8676, Mt8678, Mt8765, Mt8766, Mt8768, Mt8771, Mt8781, Mt8791t, Mt8792, Mt8793, Mt8795t, Mt8796, Mt8798, Mt8873, Mt8883
Vendor
CVE Published:
6 January 2026

What is CVE-2025-20786?

This vulnerability presents a potential for memory corruption due to a use-after-free scenario in MediaTek products. If an attacker manages to gain system privileges, they could exploit this flaw for local privilege escalation, potentially causing unauthorized access to sensitive system resources. The vulnerability does not require user interaction for exploitation, making it a significant security concern. A patch has been issued under ID ALPS10149882 to address this issue.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

MT6739, MT6761, MT6765, MT6768, MT6781, MT6789, MT6833, MT6835, MT6853, MT6855, MT6877, MT6878, MT6879, MT6883, MT6885, MT6886, MT6889, MT6893, MT6895, MT6897, MT6899, MT6983, MT6985, MT6989, MT6991, MT8186, MT8188, MT8196, MT8667, MT8673, MT8676, MT8678, MT8765, MT8766, MT8768, MT8771, MT8781, MT8791T, MT8792, MT8793, MT8795T, MT8796, MT8798, MT8873, MT8883 Android 14.0, 15.0, 16.0

References

https://corp.mediatek.com/product-security-bulletin/Janua...

CVSS V3.1

Score:
6.7
Severity:
MEDIUM
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
High
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.