Volerion logoVolerion
Volerion logoVolerion

MediaTek Chipsets GNSS Service Stack Overflow Vulnerability Allowing Privilege Escalation

Vulnerability

A stack overflow vulnerability has been identified in the GNSS service of certain MediaTek chipsets. This issue arises from an incorrect bounds check, leading to a possible out-of-bounds write. If exploited, it could allow a local attacker with system privileges to escalate privileges further. The vulnerability does not require user interaction for exploitation.

Impact

Exploitation of this vulnerability could lead to unauthorized privilege escalation.

Remediation

Device OEMs have been notified of this vulnerability and the corresponding security patches are available. For further information, OEMs can contact their MediaTek representative.

Added: Nov 4, 2025, 7:23 AM
Updated: Nov 4, 2025, 2:30 PM

Vulnerability Rating

Custom Algorithm
spread
7.8
impact
7.5
exploitability
2.8
remediation
7.7
relevance
0.9
threat
0.0
urgency
2.9
incentive
0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.