MediaTek Mt6895
Don't miss out!
Thousands of developers use stack.watch to stay informed.Get an email whenever new security vulnerabilities are reported in MediaTek Mt6895.
By the Year
In 2026 there have been 34 vulnerabilities in MediaTek Mt6895 with an average score of 6.6 out of ten. Last year, in 2025 Mt6895 had 2 security vulnerabilities published. That is, 32 more vulnerabilities have already been reported in 2026 as compared to last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2026 | 34 | 6.60 |
| 2025 | 2 | 0.00 |
| 2024 | 1 | 7.40 |
It may take a day or so for new Mt6895 vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally vulnerabilities may be tagged under a different product or component name.
Recent MediaTek Mt6895 Security Vulnerabilities
MediaTek MDDP race condition may crash system (local DoS)
CVE-2026-20445
4.4 - Medium
- March 02, 2026
In MDDP, there is a possible system crash due to a race condition. This could lead to local denial of service if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10289875; Issue ID: MSV-5184.
TOCTTOU
Out of Bounds Read in MediaTek Display Driver Enables Local Info Disclosure
CVE-2026-20429
4.4 - Medium
- March 02, 2026
In display, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10320471; Issue ID: MSV-5535.
Out-of-bounds Read
Mediatek Display Driver LPE via Bounds Check Overflow
CVE-2026-20444
6.7 - Medium
- March 02, 2026
In display, there is a possible memory corruption due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10436995; Issue ID: MSV-5721.
Memory Corruption
MediaTek Display Driver Use-After-Free Enables Local Priv Escalation
CVE-2026-20443
6.7 - Medium
- March 02, 2026
In display, there is a possible memory corruption due to use after free. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10436998; Issue ID: MSV-5722.
Dangling pointer
MediaTek Display Driver UAF: Local DoS via Use-After-Free
CVE-2026-20442
4.4 - Medium
- March 02, 2026
In display, there is a possible system crash due to use after free. This could lead to local denial of service if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10436998; Issue ID: MSV-5723.
Dangling pointer
MediaTek Preloader Local Info Disclosure via UID Exposure
CVE-2026-20435
4.6 - Medium
- March 02, 2026
In preloader, there is a possible read of device unique identifiers due to a logic error. This could lead to local information disclosure, if an attacker has physical access to the device, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS10607099; Issue ID: MSV-6118.
Insufficiently Protected Credentials
Out-of-bounds write in MediaTek Modem firmware leads to privilege escalation
CVE-2026-20434
7.5 - High
- March 02, 2026
In Modem, there is a possible out of bounds write due to a missing bounds check. This could lead to remote escalation of privilege, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: MOLY00782946; Issue ID: MSV-4135.
Memory Corruption
MediaTek Display Driver OOB Write Local Privilege Escalation
CVE-2026-20428
6.7 - Medium
- March 02, 2026
In display, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10320471; Issue ID: MSV-5536.
Memory Corruption
MediaTek Display Driver Priv Escalation via Bounds Check
CVE-2026-20427
6.7 - Medium
- March 02, 2026
In display, there is a possible escalation of privilege due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10320471; Issue ID: MSV-5537.
Memory Corruption
MediaTek Display Driver OOB Write Enables Local PrivEsc
CVE-2026-20426
6.7 - Medium
- March 02, 2026
In display, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10320471; Issue ID: MSV-5538.
Memory Corruption
MediaTek Display Driver OOB Write Escalation
CVE-2026-20425
6.7 - Medium
- March 02, 2026
In display, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10320471; Issue ID: MSV-5539.
Memory Corruption
Local Escalation via OOB Write in cameraisp (Windows)
CVE-2026-20412
7.8 - High
- February 02, 2026
In cameraisp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10351676; Issue ID: MSV-5733.
Memory Corruption
MediaTek cameraisp Use-After-Free Priv Escalation (CVE-2026-20411)
CVE-2026-20411
7.8 - High
- February 02, 2026
In cameraisp, there is a possible escalation of privilege due to use after free. This could lead to local denial of service if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10351676; Issue ID: MSV-5737.
Dangling pointer
Mediatek Modem Uncaught Exception Allows Remote DoS (CVE-2026-20406)
CVE-2026-20406
6.5 - Medium
- February 02, 2026
In Modem, there is a possible system crash due to an uncaught exception. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01726634; Issue ID: MSV-5728.
Allocation of Resources Without Limits or Throttling
MediaTek Modem Remote DoS via Missing Bounds Check
CVE-2026-20405
6.5 - Medium
- February 02, 2026
In Modem, there is a possible system crash due to a missing bounds check. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01688495; Issue ID: MSV-4818.
assertion failure
MediaTek Modem Remote DoS via Improper Input Validation
CVE-2026-20404
6.5 - Medium
- February 02, 2026
In Modem, there is a possible system crash due to improper input validation. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01689248; Issue ID: MSV-4837.
Memory Corruption
MediaTek Modem BoC Remote DoS (CVE-2026-20403)
CVE-2026-20403
6.5 - Medium
- February 02, 2026
In Modem, there is a possible system crash due to a missing bounds check. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01689254 (Note: For N15 and NR16) / MOLY01689259 (Note: For NR17 and NR17R); Issue ID: MSV-4843.
Memory Corruption
MediaTek Modem Input Validation Flaw Causing RDoS (CVE-2026-20422)
CVE-2026-20422
6.5 - Medium
- February 02, 2026
In Modem, there is a possible system crash due to improper input validation. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY00827332; Issue ID: MSV-5919.
assertion failure
MediaTek Modem Firmware DoS via Error Handling Crash
CVE-2026-20420
6.5 - Medium
- February 02, 2026
In Modem, there is a possible system crash due to incorrect error handling. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01738313; Issue ID: MSV-5935.
Out-of-bounds Read
MediaTek Display Driver UAF leads to local privilege escalation
CVE-2025-20787
6.7 - Medium
- January 06, 2026
In display, there is a possible memory corruption due to use after free. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10149879; Issue ID: MSV-4658.
Dangling pointer
Use-After-Free in MediaTek Display Driver Enables Local Priv Escalation
CVE-2025-20786
6.7 - Medium
- January 06, 2026
In display, there is a possible memory corruption due to use after free. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10149882; Issue ID: MSV-4673.
Double-free
MediaTek Display Driver Use-After-Free Enables Local Priv Esc
CVE-2025-20785
6.7 - Medium
- January 06, 2026
In display, there is a possible memory corruption due to use after free. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10149882; Issue ID: MSV-4677.
Dangling pointer
MediaTek Display Driver Memory Corruption Priv Escalation
CVE-2025-20784
6.7 - Medium
- January 06, 2026
In display, there is a possible memory corruption due to uninitialized data. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10182882; Issue ID: MSV-4683.
Use of Uninitialized Variable
MediaTek Display Driver OOB Write PrivEsc
CVE-2025-20783
6.7 - Medium
- January 06, 2026
In display, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10182882; Issue ID: MSV-4684.
Memory Corruption
MediaTek Display Driver OOB Write Unchecked Bounds (Local PrivEsc)
CVE-2025-20782
6.7 - Medium
- January 06, 2026
In display, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10182882; Issue ID: MSV-4685.
Memory Corruption
MediaTek Display Driver UAF Memory Corruption Enables Priv Escalation
CVE-2025-20781
7.8 - High
- January 06, 2026
In display, there is a possible memory corruption due to use after free. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10182914; Issue ID: MSV-4699.
Double-free
MediaTek Display Driver UAF causes privilege escalation
CVE-2025-20780
7.8 - High
- January 06, 2026
In display, there is a possible memory corruption due to use after free. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10184061; Issue ID: MSV-4712.
Dangling pointer
Use-after-free in MediaTek Display Driver Enables Local Priv Esc
CVE-2025-20779
7 - High
- January 06, 2026
In display, there is a possible use after free due to a race condition. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10184084; Issue ID: MSV-4720.
Dangling pointer
MediaTek Display Driver OOB Write Priv Esc Vulnerability
CVE-2025-20778
7.8 - High
- January 06, 2026
In display, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10184870; Issue ID: MSV-4729.
Memory Corruption
MediaTek Modem: Uninitialized Heap Data Read -> Remote DoS (CVE-2025-20760)
CVE-2025-20760
6.5 - Medium
- January 06, 2026
In Modem, there is a possible read of uninitialized heap data due to an uncaught exception. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01676750; Issue ID: MSV-4653.
assertion failure
MediaTek Modem Remote DoS via Rogue Base Station Error Handling
CVE-2025-20761
6.5 - Medium
- January 06, 2026
In Modem, there is a possible system crash due to incorrect error handling. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01311265; Issue ID: MSV-4655.
Improper Check for Unusual or Exceptional Conditions
MediaTek Modem R-DoS via Crash
CVE-2025-20793
6.5 - Medium
- January 06, 2026
In Modem, there is a possible system crash due to incorrect error handling. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01430930; Issue ID: MSV-4836.
NULL Pointer Dereference
MediaTek Modem RDoS via Improper Input Validation
CVE-2025-20794
6.5 - Medium
- January 06, 2026
In Modem, there is a possible system crash due to improper input validation. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01689259 / MOLY01586470; Issue ID: MSV-4847.
Stack Overflow
MediaTek KeyInstall OOB Write Vulnerability (CVE-2025-20795)
CVE-2025-20795
7.8 - High
- January 06, 2026
In KeyInstall, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10276761; Issue ID: MSV-5141.
Memory Corruption
Local Priv Esc via Permission Bypass in DA Component – Logic Error
CVE-2025-20658
- April 07, 2025
In DA, there is a possible permission bypass due to a logic error. This could lead to local escalation of privilege, if an attacker has physical access to the device, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS09474894; Issue ID: MSV-2597.
Memory Corruption
CVE-2025-20656: OOB Write in DA Enables Physical Local Priv Esc Escalation
CVE-2025-20656
- April 07, 2025
In DA, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege, if an attacker has physical access to the device, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS09625423; Issue ID: MSV-3033.
Memory Corruption
Cisco Telephony Priv Escalation via Permission Bypass (CVE-2024-20015)
CVE-2024-20015
7.4 - High
- February 05, 2024
In telephony, there is a possible escalation of privilege due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08441419; Issue ID: ALPS08441419.
Authentication Bypass by Primary Weakness
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for MediaTek Mt6895 or by MediaTek? Click the Watch button to subscribe.
