Primary

Context

MediaTek Chipsets Out-of-Bounds Write Vulnerability in scp Component Allowing Local Privilege Escalation

Vulnerability

A vulnerability has been identified in the scp component of certain MediaTek chipsets, specifically in the MT6878, MT6897, MT6899, MT6989, MT6991, MT8775, and MT8796 series, all running Android versions 14.0 or 15.0. This vulnerability arises from a missing bounds check, leading to a possible out-of-bounds write. If exploited, it could allow a malicious actor with System privileges to escalate privileges further.

Impact

Exploitation of this vulnerability could lead to unauthorized privilege escalation, allowing a user with System rights to gain elevated privileges.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

7.8

impact

7.5

exploitability

2.8

remediation

0.0

relevance

0.0

threat

0.0

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

7.8

impact

7.5

exploitability

2.8

remediation

0.0

relevance

0.0

threat

0.0

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

MediaTek Chipsets Out-of-Bounds Write Vulnerability in scp Component Allowing Local Privilege Escalation

Vulnerability

Impact

Affected Products

MediaTek MT6878

MediaTek MT6897

MediaTek MT6899

MediaTek MT6989

MediaTek MT6991

MediaTek MT8775

MediaTek MT8796

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating