Primary

Context

MediaTek Chipsets MAE Component Privilege Escalation Vulnerability

Vulnerability

A vulnerability allowing out-of-bounds write operations has been identified in the MAE component of certain MediaTek chipsets. This issue arises from a missing bounds check, which could lead to local privilege escalation for an actor with System privileges. The vulnerability does not require user interaction for exploitation.

Impact

Exploitation of this vulnerability could result in unauthorized privilege escalation, allowing a user with System rights to gain elevated privileges.

Remediation

Device OEMs have been notified of this vulnerability and the corresponding security patches are available. For further information, OEMs can contact their MediaTek representative.

Added: Mar 2, 2026, 9:24 AM

Updated: Mar 2, 2026, 2:22 PM

Vulnerability Rating

Custom Algorithm

spread

7.8

impact

2.5

exploitability

2.8

remediation

3.3

relevance

3.4

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

7.8

impact

2.5

exploitability

2.8

remediation

3.3

relevance

3.4

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

MediaTek Chipsets MAE Component Privilege Escalation Vulnerability

Vulnerability

Impact

Remediation

Affected Products

MediaTek MT2718

MediaTek MT6899

MediaTek MT6991

MediaTek MT8678

MediaTek MT8793

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating