Volerion logoVolerion
Volerion logoVolerion

MediaTek KeyInstall Out-of-Bounds Write Vulnerability Allowing Privilege Escalation

Vulnerability

A high-severity out-of-bounds write vulnerability has been identified in the KeyInstall component of various MediaTek chipsets. This issue arises from a missing bounds check, which could potentially lead to local privilege escalation for an attacker who has already gained System privileges. The vulnerability does not require user interaction for exploitation.

Impact

Exploitation of this vulnerability could result in unauthorized privilege escalation, allowing a user with System privileges to gain elevated rights or access.

Remediation

MediaTek has notified device OEMs of this vulnerability and provided the necessary security patches. For further information, OEMs can contact their MediaTek representative.

Added: Jan 6, 2026, 2:31 AM
Updated: Jan 6, 2026, 2:31 AM

Vulnerability Rating

Custom Algorithm
spread
8.4
impact
7.5
exploitability
2.8
remediation
0.0
relevance
1.9
threat
0.0
urgency
2.9
incentive
0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.