Primary

Context

MediaTek Chipsets Out-of-Bounds Write Vulnerability in Mminfra Component Allowing Privilege Escalation

Vulnerability

A vulnerability has been identified in the mminfra component of certain MediaTek chipsets, allowing for a possible out-of-bounds write due to a missing bounds check. This vulnerability could lead to local privilege escalation, but requires that the attacker has already obtained system privileges. The issue does not require user interaction for exploitation.

Impact

Exploitation of this vulnerability could result in a local escalation of privileges on the affected device.

Remediation

MediaTek has notified device OEMs of this vulnerability and provided the corresponding security patches. For further information, OEMs can contact their MediaTek representative.

Added: Jan 6, 2026, 2:25 AM

Updated: Jan 6, 2026, 2:25 AM

Vulnerability Rating

Custom Algorithm

spread

7.8

impact

7.5

exploitability

2.8

remediation

0.0

relevance

1.9

threat

0.0

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

7.8

impact

7.5

exploitability

2.8

remediation

0.0

relevance

1.9

threat

0.0

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

MediaTek Chipsets Out-of-Bounds Write Vulnerability in Mminfra Component Allowing Privilege Escalation

Vulnerability

Impact

Remediation

Affected Products

MediaTek MT2718

MediaTek MT6899

MediaTek MT6989

MediaTek MT6991

MediaTek MT8678

MediaTek MT8793

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating