Primary

Context

MediaTek Chipsets c2ps Use-After-Free Vulnerability Allowing Privilege Escalation

Vulnerability

A use-after-free vulnerability has been identified in the c2ps component of certain MediaTek chipsets. This vulnerability can lead to memory corruption and, if exploited, allows for local escalation of privileges, particularly for an actor who has already obtained system privileges. The issue does not require user interaction for exploitation.

Impact

Exploitation of this vulnerability could result in memory corruption, leading to potential unauthorized access to elevated privileges on the affected system.

Remediation

Device OEMs have been notified of this vulnerability and the corresponding security patches are available. For further information, OEMs can contact their MediaTek representative.

Added: Jan 6, 2026, 2:26 AM

Updated: Jan 6, 2026, 2:26 AM

Vulnerability Rating

Custom Algorithm

spread

7.8

impact

7.5

exploitability

2.8

remediation

3.7

relevance

1.9

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

7.8

impact

7.5

exploitability

2.8

remediation

3.7

relevance

1.9

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

MediaTek Chipsets c2ps Use-After-Free Vulnerability Allowing Privilege Escalation

Vulnerability

Impact

Remediation

Affected Products

MediaTek MT6899

MediaTek MT6991

MediaTek MT6993

MediaTek MT8793

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating