Primary

Context

MediaTek Modem Heap Buffer Overflow Vulnerability Leading to Privilege Escalation

Vulnerability

A heap buffer overflow vulnerability has been identified in the modem component of certain MediaTek chipsets. This vulnerability allows for an out-of-bounds write, which could be exploited to escalate privileges remotely. The issue arises when a user equipment (UE) connects to a rogue base station controlled by an attacker. Notably, no additional execution privileges are required for exploitation, and user interaction is not needed.

Impact

Exploitation of this vulnerability could lead to unauthorized privilege escalation on the affected device.

Remediation

MediaTek has issued a patch for this vulnerability, which can be applied by device manufacturers. Instructions for applying the patch are available through MediaTek's official channels.

Added: Nov 4, 2025, 7:44 AM

Updated: Nov 4, 2025, 7:44 AM

Affected Products

MediaTek MT2735

0 remedies

cpe:2.3:h:mediatek:mt2735:*:*:*:*:*:*:*, +1 more

0 remedies

MediaTek MT2737

0 remedies

cpe:2.3:h:mediatek:mt2737:*:*:*:*:*:*:*, +1 more

0 remedies

MediaTek MT6739

0 remedies

cpe:2.3:h:mediatek:mt6739:*:*:*:*:*:*:*, +1 more

0 remedies

MediaTek MT6761

0 remedies

cpe:2.3:h:mediatek:mt6761:*:*:*:*:*:*:*, +1 more

0 remedies

MediaTek MT6762

0 remedies

cpe:2.3:h:mediatek:mt6762:*:*:*:*:*:*:*, +1 more

0 remedies

MediaTek MT6762D

0 remedies

cpe:2.3:h:mediatek:mt6762d:*:*:*:*:*:*:*, +1 more

0 remedies

MediaTek MT6762M

0 remedies

cpe:2.3:h:mediatek:mt6762m:*:*:*:*:*:*:*, +1 more

0 remedies

MediaTek MT6763

0 remedies

cpe:2.3:h:mediatek:mt6763:*:*:*:*:*:*:*, +1 more

0 remedies

MediaTek MT6765

0 remedies

cpe:2.3:h:mediatek:mt6765:*:*:*:*:*:*:*, +1 more

0 remedies

MediaTek MT6765T

0 remedies

cpe:2.3:h:mediatek:mt6765t:*:*:*:*:*:*:*, +1 more

0 remedies

MediaTek MT6767

0 remedies

cpe:2.3:h:mediatek:mt6767:*:*:*:*:*:*:*, +1 more

0 remedies

MediaTek MT6768

0 remedies

cpe:2.3:h:mediatek:mt6768:*:*:*:*:*:*:*, +1 more

0 remedies

MediaTek MT6769

0 remedies

cpe:2.3:h:mediatek:mt6769:*:*:*:*:*:*:*, +1 more

0 remedies

MediaTek MT6769K

0 remedies

cpe:2.3:h:mediatek:mt6769k:*:*:*:*:*:*:*, +1 more

0 remedies

MediaTek MT6769S

0 remedies

cpe:2.3:h:mediatek:mt6769s:*:*:*:*:*:*:*, +1 more

0 remedies

MediaTek MT6769T

0 remedies

cpe:2.3:h:mediatek:mt6769t:*:*:*:*:*:*:*, +1 more

0 remedies

MediaTek MT6769Z

0 remedies

cpe:2.3:h:mediatek:mt6769z:*:*:*:*:*:*:*, +1 more

0 remedies

MediaTek MT6771

0 remedies

cpe:2.3:h:mediatek:mt6771:*:*:*:*:*:*:*, +1 more

0 remedies

MediaTek MT6813

0 remedies

cpe:2.3:h:mediatek:mt6813:*:*:*:*:*:*:*, +1 more

0 remedies

MediaTek MT6833

0 remedies

cpe:2.3:h:mediatek:mt6833:*:*:*:*:*:*:*, +1 more

0 remedies

MediaTek MT6833P

0 remedies

cpe:2.3:h:mediatek:mt6833p:*:*:*:*:*:*:*, +1 more

0 remedies

MediaTek MT6835

0 remedies

cpe:2.3:h:mediatek:mt6835:*:*:*:*:*:*:*, +1 more

0 remedies

MediaTek MT6835T

0 remedies

cpe:2.3:h:mediatek:mt6835t:*:*:*:*:*:*:*, +1 more

0 remedies

MediaTek MT6853

0 remedies

cpe:2.3:h:mediatek:mt6853:*:*:*:*:*:*:*, +1 more

0 remedies

MediaTek MT6853T

0 remedies

cpe:2.3:h:mediatek:mt6853t:*:*:*:*:*:*:*, +1 more

0 remedies

MediaTek MT6855

0 remedies

cpe:2.3:h:mediatek:mt6855:*:*:*:*:*:*:*, +1 more

0 remedies

MediaTek MT6855T

0 remedies

cpe:2.3:o:mediatek:mt6855t_firmware:*:*:*:*:*:*:*, +1 more

0 remedies

MediaTek MT6873

0 remedies

cpe:2.3:h:mediatek:mt6873:*:*:*:*:*:*:*, +1 more

0 remedies

MediaTek MT6875

0 remedies

cpe:2.3:h:mediatek:mt6875:*:*:*:*:*:*:*, +1 more

0 remedies

MediaTek MT6875T

0 remedies

cpe:2.3:h:mediatek:mt6875t:*:*:*:*:*:*:*, +1 more

0 remedies

MediaTek MT6877

0 remedies

cpe:2.3:h:mediatek:mt6877:*:*:*:*:*:*:*, +1 more

0 remedies

MediaTek MT6878

0 remedies

cpe:2.3:h:mediatek:mt6878:*:*:*:*:*:*:*, +1 more

0 remedies

MediaTek MT6878M

0 remedies

cpe:2.3:o:mediatek:mt6878m_firmware:*:*:*:*:*:*:*, +1 more

0 remedies

MediaTek MT6890

0 remedies

cpe:2.3:h:mediatek:mt6890:*:*:*:*:*:*:*, +1 more

0 remedies

MediaTek MT6891

0 remedies

cpe:2.3:h:mediatek:mt6891:*:*:*:*:*:*:*, +1 more

0 remedies

MediaTek MT6893

0 remedies

cpe:2.3:h:mediatek:mt6893:*:*:*:*:*:*:*, +1 more

0 remedies

MediaTek MT6895

0 remedies

cpe:2.3:h:mediatek:mt6895:*:*:*:*:*:*:*, +1 more

0 remedies

MediaTek MT6896

0 remedies

cpe:2.3:h:mediatek:mt6896:*:*:*:*:*:*:*, +1 more

0 remedies

MediaTek MT6897

0 remedies

cpe:2.3:o:mediatek:mt6897_firmware:*:*:*:*:*:*:*, +1 more

0 remedies

MediaTek MT6899

0 remedies

cpe:2.3:h:mediatek:mt6899:*:*:*:*:*:*:*, +1 more

0 remedies

MediaTek MT6980

0 remedies

cpe:2.3:h:mediatek:mt6980:*:*:*:*:*:*:*, +1 more

0 remedies

MediaTek MT6980D

0 remedies

cpe:2.3:h:mediatek:mt6980d:*:*:*:*:*:*:*, +1 more

0 remedies

MediaTek MT6983

0 remedies

cpe:2.3:h:mediatek:mt6983:*:*:*:*:*:*:*, +1 more

0 remedies

MediaTek MT6983T

0 remedies

cpe:2.3:h:mediatek:mt6983t:*:*:*:*:*:*:*, +1 more

0 remedies

MediaTek MT6985

0 remedies

cpe:2.3:h:mediatek:mt6985:*:*:*:*:*:*:*, +1 more

0 remedies

MediaTek MT6985T

0 remedies

cpe:2.3:o:mediatek:mt6985t_firmware:*:*:*:*:*:*:*, +1 more

0 remedies

MediaTek MT6989

0 remedies

cpe:2.3:h:mediatek:mt6989:*:*:*:*:*:*:*, +1 more

0 remedies

MediaTek MT6989T

0 remedies

cpe:2.3:h:mediatek:mt6989t:*:*:*:*:*:*:*, +1 more

0 remedies

MediaTek MT6990

0 remedies

cpe:2.3:h:mediatek:mt6990:*:*:*:*:*:*:*, +1 more

0 remedies

MediaTek MT6991

0 remedies

cpe:2.3:h:mediatek:mt6991:*:*:*:*:*:*:*, +1 more

0 remedies

MediaTek MT8666

0 remedies

cpe:2.3:h:mediatek:mt8666:*:*:*:*:*:*:*

0 remedies

MediaTek MT8667

0 remedies

cpe:2.3:h:mediatek:mt8666b:*:*:*:*:*:*:*, +1 more

0 remedies

MediaTek MT8673

0 remedies

cpe:2.3:h:mediatek:mt8667:*:*:*:*:*:*:*

0 remedies

MediaTek MT8675

0 remedies

cpe:2.3:h:mediatek:mt8673:*:*:*:*:*:*:*, +1 more

0 remedies

MediaTek MT8676

0 remedies

cpe:2.3:h:mediatek:mt8675:*:*:*:*:*:*:*, +1 more

0 remedies

MediaTek MT8678

0 remedies

cpe:2.3:h:mediatek:mt8676:*:*:*:*:*:*:*, +1 more

0 remedies

MediaTek MT8765

0 remedies

cpe:2.3:h:mediatek:mt8678:*:*:*:*:*:*:*, +1 more

0 remedies

MediaTek MT8766

0 remedies

cpe:2.3:h:mediatek:mt8765:*:*:*:*:*:*:*, +1 more

0 remedies

MediaTek MT8766R

0 remedies

cpe:2.3:h:mediatek:mt8766:*:*:*:*:*:*:*, +1 more

0 remedies

MediaTek MT8768

0 remedies

cpe:2.3:h:mediatek:mt8766r:*:*:*:*:*:*:*

0 remedies

MediaTek MT8771

0 remedies

cpe:2.3:h:mediatek:mt8768:*:*:*:*:*:*:*, +1 more

0 remedies

MediaTek MT8786

0 remedies

cpe:2.3:h:mediatek:mt8771:*:*:*:*:*:*:*, +1 more

0 remedies

MediaTek MT8788

0 remedies

cpe:2.3:h:mediatek:mt8786:*:*:*:*:*:*:*, +1 more

0 remedies

MediaTek MT8788E

0 remedies

cpe:2.3:o:mediatek:mt8788_firmware:*:*:*:*:*:*:*, +1 more

0 remedies

MediaTek MT8791

0 remedies

cpe:2.3:h:mediatek:mt8788e:*:*:*:*:*:*:*, +1 more

0 remedies

MediaTek MT8791T

0 remedies

cpe:2.3:h:mediatek:mt8791:*:*:*:*:*:*:*

0 remedies

MediaTek MT8792

0 remedies

cpe:2.3:h:mediatek:mt8791t:*:*:*:*:*:*:*, +1 more

0 remedies

MediaTek MT8793

0 remedies

cpe:2.3:h:mediatek:mt8792:*:*:*:*:*:*:*

0 remedies

MediaTek MT8795T

0 remedies

MediaTek MT8797

0 remedies

cpe:2.3:h:mediatek:mt8795t:*:*:*:*:*:*:*

0 remedies

MediaTek MT8798

0 remedies

cpe:2.3:h:mediatek:mt8797:*:*:*:*:*:*:*, +1 more

0 remedies

MediaTek MT8863

0 remedies

cpe:2.3:h:mediatek:mt8798:*:*:*:*:*:*:*, +1 more

0 remedies

MediaTek MT8873

0 remedies

cpe:2.3:h:mediatek:mt8863:*:*:*:*:*:*:*, +1 more

0 remedies

MediaTek MT8883

0 remedies

cpe:2.3:h:mediatek:mt8871:*:*:*:*:*:*:*

0 remedies

MediaTek MT8893

0 remedies

cpe:2.3:h:mediatek:mt8891:*:*:*:*:*:*:*

0 remedies

MediaTek MT7902

0 remedies

cpe:2.3:h:mediatek:mt8893:*:*:*:*:*:*:*

0 remedies

MediaTek MT7920

0 remedies

cpe:2.3:h:mediatek:mt7902:*:*:*:*:*:*:*, +1 more

0 remedies

MediaTek MT7921

0 remedies

cpe:2.3:h:mediatek:mt7920:*:*:*:*:*:*:*

0 remedies

MediaTek MT7922

0 remedies

cpe:2.3:h:mediatek:mt7921:*:*:*:*:*:*:*, +1 more

0 remedies

MediaTek MT7925

0 remedies

cpe:2.3:h:mediatek:mt7922:*:*:*:*:*:*:*

0 remedies

MediaTek MT7927

0 remedies

cpe:2.3:h:mediatek:mt7925:*:*:*:*:*:*:*

0 remedies

MediaTek MT7615

0 remedies

cpe:2.3:h:mediatek:mt7927:*:*:*:*:*:*:*

0 remedies

MediaTek MT7622

0 remedies

cpe:2.3:h:mediatek:mt7615:*:*:*:*:*:*:*, +1 more

0 remedies

MediaTek MT7663

0 remedies

cpe:2.3:h:mediatek:mt7622:*:*:*:*:*:*:*, +1 more

0 remedies

MediaTek MT7915

0 remedies

cpe:2.3:h:mediatek:mt7663:*:*:*:*:*:*:*, +1 more

0 remedies

MediaTek MT7916

0 remedies

cpe:2.3:h:mediatek:mt7915:*:*:*:*:*:*:*, +1 more

0 remedies

MediaTek MT7981

0 remedies

cpe:2.3:h:mediatek:mt7916:*:*:*:*:*:*:*, +1 more

0 remedies

MediaTek MT7986

0 remedies

cpe:2.3:h:mediatek:mt7981:*:*:*:*:*:*:*, +1 more

0 remedies

MediaTek MT6781

0 remedies

cpe:2.3:h:mediatek:mt7986:*:*:*:*:*:*:*, +1 more

0 remedies

MediaTek MT6789

0 remedies

cpe:2.3:h:mediatek:mt6781:*:*:*:*:*:*:*, +1 more

0 remedies

MediaTek MT6855

0 remedies

cpe:2.3:h:mediatek:mt6789:*:*:*:*:*:*:*, +1 more

0 remedies

MediaTek MT6982

0 remedies

cpe:2.3:h:mediatek:mt6879:*:*:*:*:*:*:*, +1 more

0 remedies

Vulnerability Rating

Custom Algorithm

spread

8.4

impact

7.5

exploitability

5.4

remediation

0.0

relevance

0.9

threat

0.0

urgency

2.9

incentive

5.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

8.4

impact

7.5

exploitability

5.4

remediation

0.0

relevance

0.9

threat

0.0

urgency

2.9

incentive

5.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.