MediaTek Mt6789
Don't miss out!
Thousands of developers use stack.watch to stay informed.Get an email whenever new security vulnerabilities are reported in MediaTek Mt6789.
By the Year
In 2026 there have been 21 vulnerabilities in MediaTek Mt6789 with an average score of 6.6 out of ten. Last year, in 2025 Mt6789 had 2 security vulnerabilities published. That is, 19 more vulnerabilities have already been reported in 2026 as compared to last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2026 | 21 | 6.64 |
| 2025 | 2 | 0.00 |
It may take a day or so for new Mt6789 vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally vulnerabilities may be tagged under a different product or component name.
Recent MediaTek Mt6789 Security Vulnerabilities
Out of Bounds Read in MediaTek Display Driver Enables Local Info Disclosure
CVE-2026-20429
4.4 - Medium
- March 02, 2026
In display, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10320471; Issue ID: MSV-5535.
Out-of-bounds Read
Mediatek Display Driver LPE via Bounds Check Overflow
CVE-2026-20444
6.7 - Medium
- March 02, 2026
In display, there is a possible memory corruption due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10436995; Issue ID: MSV-5721.
Memory Corruption
MediaTek Display Driver Use-After-Free Enables Local Priv Escalation
CVE-2026-20443
6.7 - Medium
- March 02, 2026
In display, there is a possible memory corruption due to use after free. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10436998; Issue ID: MSV-5722.
Dangling pointer
MediaTek Display Driver UAF: Local DoS via Use-After-Free
CVE-2026-20442
4.4 - Medium
- March 02, 2026
In display, there is a possible system crash due to use after free. This could lead to local denial of service if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10436998; Issue ID: MSV-5723.
Dangling pointer
MediaTek Preloader Local Info Disclosure via UID Exposure
CVE-2026-20435
4.6 - Medium
- March 02, 2026
In preloader, there is a possible read of device unique identifiers due to a logic error. This could lead to local information disclosure, if an attacker has physical access to the device, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS10607099; Issue ID: MSV-6118.
Insufficiently Protected Credentials
Out-of-bounds write in MediaTek Modem firmware leads to privilege escalation
CVE-2026-20434
7.5 - High
- March 02, 2026
In Modem, there is a possible out of bounds write due to a missing bounds check. This could lead to remote escalation of privilege, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: MOLY00782946; Issue ID: MSV-4135.
Memory Corruption
MediaTek Display Driver OOB Write Local Privilege Escalation
CVE-2026-20428
6.7 - Medium
- March 02, 2026
In display, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10320471; Issue ID: MSV-5536.
Memory Corruption
MediaTek Display Driver Priv Escalation via Bounds Check
CVE-2026-20427
6.7 - Medium
- March 02, 2026
In display, there is a possible escalation of privilege due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10320471; Issue ID: MSV-5537.
Memory Corruption
MediaTek Display Driver OOB Write Enables Local PrivEsc
CVE-2026-20426
6.7 - Medium
- March 02, 2026
In display, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10320471; Issue ID: MSV-5538.
Memory Corruption
MediaTek Display Driver OOB Write Escalation
CVE-2026-20425
6.7 - Medium
- March 02, 2026
In display, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10320471; Issue ID: MSV-5539.
Memory Corruption
MediaTek Display Driver UAF leads to local privilege escalation
CVE-2025-20787
6.7 - Medium
- January 06, 2026
In display, there is a possible memory corruption due to use after free. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10149879; Issue ID: MSV-4658.
Dangling pointer
Use-After-Free in MediaTek Display Driver Enables Local Priv Escalation
CVE-2025-20786
6.7 - Medium
- January 06, 2026
In display, there is a possible memory corruption due to use after free. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10149882; Issue ID: MSV-4673.
Double-free
MediaTek Display Driver Use-After-Free Enables Local Priv Esc
CVE-2025-20785
6.7 - Medium
- January 06, 2026
In display, there is a possible memory corruption due to use after free. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10149882; Issue ID: MSV-4677.
Dangling pointer
MediaTek Display Driver Memory Corruption Priv Escalation
CVE-2025-20784
6.7 - Medium
- January 06, 2026
In display, there is a possible memory corruption due to uninitialized data. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10182882; Issue ID: MSV-4683.
Use of Uninitialized Variable
MediaTek Display Driver OOB Write PrivEsc
CVE-2025-20783
6.7 - Medium
- January 06, 2026
In display, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10182882; Issue ID: MSV-4684.
Memory Corruption
MediaTek Display Driver OOB Write Unchecked Bounds (Local PrivEsc)
CVE-2025-20782
6.7 - Medium
- January 06, 2026
In display, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10182882; Issue ID: MSV-4685.
Memory Corruption
MediaTek Display Driver UAF Memory Corruption Enables Priv Escalation
CVE-2025-20781
7.8 - High
- January 06, 2026
In display, there is a possible memory corruption due to use after free. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10182914; Issue ID: MSV-4699.
Double-free
MediaTek Display Driver UAF causes privilege escalation
CVE-2025-20780
7.8 - High
- January 06, 2026
In display, there is a possible memory corruption due to use after free. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10184061; Issue ID: MSV-4712.
Dangling pointer
Use-after-free in MediaTek Display Driver Enables Local Priv Esc
CVE-2025-20779
7 - High
- January 06, 2026
In display, there is a possible use after free due to a race condition. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10184084; Issue ID: MSV-4720.
Dangling pointer
MediaTek Display Driver OOB Write Priv Esc Vulnerability
CVE-2025-20778
7.8 - High
- January 06, 2026
In display, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10184870; Issue ID: MSV-4729.
Memory Corruption
MediaTek KeyInstall OOB Write Vulnerability (CVE-2025-20795)
CVE-2025-20795
7.8 - High
- January 06, 2026
In KeyInstall, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10276761; Issue ID: MSV-5141.
Memory Corruption
Local Priv Esc via Permission Bypass in DA Component – Logic Error
CVE-2025-20658
- April 07, 2025
In DA, there is a possible permission bypass due to a logic error. This could lead to local escalation of privilege, if an attacker has physical access to the device, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS09474894; Issue ID: MSV-2597.
Memory Corruption
CVE-2025-20656: OOB Write in DA Enables Physical Local Priv Esc Escalation
CVE-2025-20656
- April 07, 2025
In DA, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege, if an attacker has physical access to the device, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS09625423; Issue ID: MSV-3033.
Memory Corruption
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for MediaTek Mt6789 or by MediaTek? Click the Watch button to subscribe.
