CVE-2025-20797
Unknown
Unknown - Not Provided
BaseFortify
Publication date: 2026-01-06
Last updated on: 2026-01-08
Assigner: MediaTek, Inc.
Description
Description
In battery, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10315812; Issue ID: MSV-5534.
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| android | 14.0 | |
| android | 15.0 | |
| android | 16.0 | |
| mediatek | mt2718 | * |
| mediatek | mt6765 | * |
| mediatek | mt6768 | * |
| mediatek | mt6781 | * |
| mediatek | mt6833 | * |
| mediatek | mt6835 | * |
| mediatek | mt6853 | * |
| mediatek | mt6855 | * |
| mediatek | mt6877 | * |
| mediatek | mt6879 | * |
| mediatek | mt6893 | * |
| mediatek | mt6985 | * |
| mediatek | mt6989 | * |
| mediatek | mt6991 | * |
| mediatek | mt8186 | * |
| mediatek | mt8188 | * |
| mediatek | mt8196 | * |
| mediatek | mt8367 | * |
| mediatek | mt8391 | * |
| mediatek | mt8676 | * |
| mediatek | mt8678 | * |
| mediatek | mt8696 | * |
| mediatek | mt8766 | * |
| mediatek | mt8768 | * |
| mediatek | mt8781 | * |
| mediatek | mt8786 | * |
| mediatek | mt8788e | * |
| mediatek | mt8791t | * |
| mediatek | mt8792 | * |
| mediatek | mt8793 | * |
| mediatek | mt8796 | * |
| mediatek | mt8873 | * |
| mediatek | mt8883 | * |
| mediatek | mt8893 | * |
Helpful Resources
Exploitability
CWE
KEV
| CWE ID | Description |
|---|---|
| CWE-787 | The product writes data past the end, or before the beginning, of the intended buffer. |
| CWE-121 | A stack-based buffer overflow condition is a condition where the buffer being overwritten is allocated on the stack (i.e., is a local variable or, rarely, a parameter to a function). |
