Primary

Context

MediaTek Chipsets Privilege Escalation Vulnerability Due to Use-After-Free Memory Corruption

Vulnerability

A use-after-free vulnerability has been identified in the Digital Post-Processing Engine (DPE) of certain MediaTek chipsets. This vulnerability can lead to memory corruption, potentially allowing local escalation of privileges for an attacker who has already obtained system privileges. The issue does not require user interaction for exploitation.

Impact

Exploitation of this vulnerability could result in unauthorized privilege escalation by allowing a user with system privileges to gain elevated rights or access.

Added: Jan 6, 2026, 2:20 AM

Updated: Jan 6, 2026, 2:20 AM

Vulnerability Rating

Custom Algorithm

spread

7.8

impact

7.5

exploitability

2.8

remediation

0.0

relevance

1.9

threat

0.0

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

7.8

impact

7.5

exploitability

2.8

remediation

0.0

relevance

1.9

threat

0.0

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

MediaTek Chipsets Privilege Escalation Vulnerability Due to Use-After-Free Memory Corruption

Vulnerability

Impact

Affected Products

MediaTek MT6899

MediaTek MT6991

MediaTek MT8793

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating