Out of Bounds Write Vulnerability in MediaTek Battery Products
CVE-2025-20797

7.8HIGH

Key Information:

Vendor: MediaTek
Status: Mediatek Chipset
Vendor: CVE Published:; 6 January 2026

What is CVE-2025-20797?

An identified flaw in MediaTek battery products presents an out of bounds write vulnerability due to the absence of proper bounds checks. This security issue allows local privilege escalation opportunities for attackers who already possess system privileges, facilitating potential unauthorized access. Exploitation does not require user interaction. To mitigate this risk, it is imperative to apply the provided patch (Patch ID: ALPS10315812) promptly.

Affected Version(s)

MediaTek chipset MT2718

MediaTek chipset MT6765

MediaTek chipset MT6768

References

https://corp.mediatek.com/product-security-bulletin/Janua...

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jan 6, 2026
Vulnerability Reserved
Nov 1, 2024

CVE-2025-20797 Data

JSON