Memory Corruption Vulnerability in MediaTek Products
CVE-2025-20805

Currently unrated

Key Information:

Vendor

MediaTek
Status
Mt6899, Mt6991, Mt8793
Vendor
CVE Published:
6 January 2026

What is CVE-2025-20805?

A vulnerability in MediaTek's dpe product has been identified, which involves potential memory corruption due to use after free. This flaw can be exploited to escalate privileges locally if an attacker has previously acquired System privileges. Notably, no user interaction is required for exploitation. Security patches and detailed resources are available, including Patch ID: ALPS10114696 and Issue ID: MSV-4480.

Affected Version(s)

MT6899, MT6991, MT8793 Android 16.0

References

https://corp.mediatek.com/product-security-bulletin/Janua...

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.
CVE-2025-20805 : Memory Corruption Vulnerability in MediaTek Products