Out of Bounds Write Vulnerability in MediaTek Battery Products
CVE-2025-20797

Currently unrated

Key Information:

Vendor: MediaTek
Status: Mt2718, Mt6765, Mt6768, Mt6781, Mt6833, Mt6835, Mt6853, Mt6855, Mt6877, Mt6879, Mt6893, Mt6985, Mt6989, Mt6991, Mt8186, Mt8188, Mt8196, Mt8367, Mt8391, Mt8676, Mt8678, Mt8696, Mt8766, Mt8768, Mt8781, Mt8786, Mt8788e, Mt8791t, Mt8792, Mt8793, Mt8796, Mt8873, Mt8883, Mt8893
Vendor: CVE Published:; 6 January 2026

What is CVE-2025-20797?

An identified flaw in MediaTek battery products presents an out of bounds write vulnerability due to the absence of proper bounds checks. This security issue allows local privilege escalation opportunities for attackers who already possess system privileges, facilitating potential unauthorized access. Exploitation does not require user interaction. To mitigate this risk, it is imperative to apply the provided patch (Patch ID: ALPS10315812) promptly.

Affected Version(s)

MT2718, MT6765, MT6768, MT6781, MT6833, MT6835, MT6853, MT6855, MT6877, MT6879, MT6893, MT6985, MT6989, MT6991, MT8186, MT8188, MT8196, MT8367, MT8391, MT8676, MT8678, MT8696, MT8766, MT8768, MT8781, MT8786, MT8788E, MT8791T, MT8792, MT8793, MT8796, MT8873, MT8883, MT8893 Android 14.0, 15.0, 16.0

References

https://corp.mediatek.com/product-security-bulletin/Janua...

Timeline

Vulnerability published
Jan 6, 2026
Vulnerability Reserved
Nov 1, 2024

JSON