Filtered by vendor Mediatek
Subscriptions
Filtered by product Mt8893
Subscriptions
Total
44 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-20760 | 1 Mediatek | 51 Mt2735, Mt2737, Mt6833 and 48 more | 2026-01-08 | 7.5 High |
| In Modem, there is a possible read of uninitialized heap data due to an uncaught exception. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01676750; Issue ID: MSV-4653. | ||||
| CVE-2025-20761 | 2 Mediatek, Mediatk | 102 Mt2735, Mt2737, Mt6833 and 99 more | 2026-01-08 | 7.5 High |
| In Modem, there is a possible system crash due to incorrect error handling. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01311265; Issue ID: MSV-4655. | ||||
| CVE-2025-20793 | 1 Mediatek | 53 Mt2735, Mt2737, Mt6813 and 50 more | 2026-01-08 | 7.5 High |
| In Modem, there is a possible system crash due to incorrect error handling. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01430930; Issue ID: MSV-4836. | ||||
| CVE-2025-20794 | 2 Mediatek, Mediatk | 87 Mt2735, Mt2737, Mt6813 and 84 more | 2026-01-08 | 7.5 High |
| In Modem, there is a possible system crash due to improper input validation. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01689259 / MOLY01586470; Issue ID: MSV-4847. | ||||
| CVE-2025-20795 | 2 Google, Mediatek | 55 Android, Mt2718, Mt6580 and 52 more | 2026-01-08 | 7.8 High |
| In KeyInstall, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10276761; Issue ID: MSV-5141. | ||||
| CVE-2025-20796 | 2 Google, Mediatek | 4 Android, Mt6989, Mt8796 and 1 more | 2026-01-08 | 7.8 High |
| In imgsys, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is needed for exploitation. Patch ID: ALPS10314745; Issue ID: MSV-5553. | ||||
| CVE-2025-20797 | 2 Google, Mediatek | 35 Android, Mt2718, Mt6765 and 32 more | 2026-01-08 | 7.8 High |
| In battery, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10315812; Issue ID: MSV-5534. | ||||
| CVE-2025-20798 | 2 Google, Mediatek | 35 Android, Mt2718, Mt6765 and 32 more | 2026-01-08 | 7.8 High |
| In battery, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10315812; Issue ID: MSV-5533. | ||||
| CVE-2025-20756 | 1 Mediatek | 38 Mt2735, Mt6833, Mt6833p and 35 more | 2025-12-04 | 5.3 Medium |
| In Modem, there is a possible system crash due to a logic error. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01673749; Issue ID: MSV-4643. | ||||
| CVE-2025-20754 | 1 Mediatek | 64 Mt2735, Mt2737, Mt6813 and 61 more | 2025-12-04 | 5.3 Medium |
| In Modem, there is a possible system crash due to an incorrect bounds check. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01689251; Issue ID: MSV-4840. | ||||
| CVE-2025-20758 | 1 Mediatek | 64 Mt2735, Mt2737, Mt6813 and 61 more | 2025-12-03 | 4.9 Medium |
| In Modem, there is a possible system crash due to an uncaught exception. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01673755; Issue ID: MSV-4647. | ||||
| CVE-2025-20759 | 1 Mediatek | 47 Modem, Mt2735, Mt2737 and 44 more | 2025-12-03 | 6.5 Medium |
| In Modem, there is a possible out of bounds read due to a missing bounds check. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01673760; Issue ID: MSV-4650. | ||||
| CVE-2025-20763 | 2 Google, Mediatek | 28 Android, Mt6833, Mt6835 and 25 more | 2025-12-03 | 7.8 High |
| In mmdvfs, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10267218; Issue ID: MSV-5032. | ||||
| CVE-2025-20764 | 2 Google, Mediatek | 34 Android, Mt6739, Mt6761 and 31 more | 2025-12-03 | 7.8 High |
| In smi, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10259774; Issue ID: MSV-5029. | ||||
| CVE-2025-20727 | 1 Mediatek | 90 Lr12a, Modem, Mt2735 and 87 more | 2025-11-05 | 7.5 High |
| In Modem, there is a possible out of bounds write due to a heap buffer overflow. This could lead to remote escalation of privilege, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01672601; Issue ID: MSV-4623. | ||||
| CVE-2025-20725 | 2 Mediatek, Mediatk | 141 Lr12a, Mt2735, Mt2737 and 138 more | 2025-11-05 | 7.5 High |
| In ims service, there is a possible out of bounds write due to a missing bounds check. This could lead to remote escalation of privilege, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01671924; Issue ID: MSV-4620. | ||||
| CVE-2025-20726 | 1 Mediatek | 90 Lr12a, Modem, Mt2735 and 87 more | 2025-11-05 | 7.5 High |
| In Modem, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote escalation of privilege, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01672598; Issue ID: MSV-4622. | ||||
| CVE-2025-20743 | 2 Google, Mediatek | 54 Android, Mt2718, Mt6761 and 51 more | 2025-11-05 | 4.2 Medium |
| In clkdbg, there is a possible escalation of privilege due to use after free. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10136671; Issue ID: MSV-4651. | ||||
| CVE-2025-20746 | 6 Google, Linuxfoundation, Mediatek and 3 more | 23 Android, Yocto, Mt2718 and 20 more | 2025-11-05 | 6.7 Medium |
| In gnss service, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10010441; Issue ID: MSV-3967. | ||||
| CVE-2025-20747 | 6 Google, Linuxfoundation, Mediatek and 3 more | 23 Android, Yocto, Mt2718 and 20 more | 2025-11-05 | 6.7 Medium |
| In gnss service, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10010443; Issue ID: MSV-3966. | ||||