← Back

Mediatek

mediatek

258 CVEs • 582 products

Products (582)

Click to collapse
Toggle
Software Development Kit
software_development_kit
71 CVEs
Nr15
nr15
65 CVEs
Nr16
nr16
57 CVEs
Nr17
nr17
48 CVEs
Mt7615 Firmware
mt7615_firmware
38 CVEs
Mt7622 Firmware
mt7622_firmware
37 CVEs
Mt7915 Firmware
mt7915_firmware
37 CVEs
Mt7613 Firmware
mt7613_firmware
36 CVEs
Mt7628 Firmware
mt7628_firmware
36 CVEs
Mt7629 Firmware
mt7629_firmware
36 CVEs
Iot Yocto
iot_yocto
24 CVEs
Nr17r
nr17r
20 CVEs
Mt7603e Firmware
mt7603e_firmware
20 CVEs
Mt7612 Firmware
mt7612_firmware
18 CVEs
Mt7620 Firmware
mt7620_firmware
18 CVEs
Lr12a
lr12a
17 CVEs
Mt7610 Firmware
mt7610_firmware
17 CVEs
Mt7916 Firmware
mt7916_firmware
17 CVEs
Mt7986 Firmware
mt7986_firmware
17 CVEs
Mt7603 Firmware
mt7603_firmware
16 CVEs
Lr13
lr13
15 CVEs
Mt6899 Firmware
mt6899_firmware
12 CVEs
Mt6991 Firmware
mt6991_firmware
12 CVEs
Mt6989 Firmware
mt6989_firmware
11 CVEs
Mt8791t Firmware
mt8791t_firmware
11 CVEs
Mt8793 Firmware
mt8793_firmware
11 CVEs
Mt6877 Firmware
mt6877_firmware
10 CVEs
Mt6897 Firmware
mt6897_firmware
10 CVEs
Nbiot Sdk
nbiot_sdk
9 CVEs
Mt7981 Firmware
mt7981_firmware
9 CVEs
Mt6835 Firmware
mt6835_firmware
9 CVEs
Mt6878 Firmware
mt6878_firmware
9 CVEs
Mt6985 Firmware
mt6985_firmware
9 CVEs
Mt8981 Firmware
mt8981_firmware
8 CVEs
Mt7902 Firmware
mt7902_firmware
8 CVEs
Mt7921 Firmware
mt7921_firmware
8 CVEs
Mt8788 Firmware
mt8788_firmware
8 CVEs
Mt6789 Firmware
mt6789_firmware
8 CVEs
Mt6853 Firmware
mt6853_firmware
8 CVEs
Mt6855 Firmware
mt6855_firmware
8 CVEs
Mt6879 Firmware
mt6879_firmware
8 CVEs
Mt6883 Firmware
mt6883_firmware
8 CVEs
Mt6885 Firmware
mt6885_firmware
8 CVEs
Mt6886 Firmware
mt6886_firmware
8 CVEs
Mt6889 Firmware
mt6889_firmware
8 CVEs
Mt6893 Firmware
mt6893_firmware
8 CVEs
Mt6895 Firmware
mt6895_firmware
8 CVEs
Mt6983 Firmware
mt6983_firmware
8 CVEs
Mt8673 Firmware
mt8673_firmware
8 CVEs
Mt8781 Firmware
mt8781_firmware
8 CVEs
Mt8797 Firmware
mt8797_firmware
8 CVEs
Mt8798 Firmware
mt8798_firmware
8 CVEs
Mt6768 Firmware
mt6768_firmware
7 CVEs
Mt8676 Firmware
mt8676_firmware
7 CVEs
Mt8678 Firmware
mt8678_firmware
7 CVEs
Mt8766 Firmware
mt8766_firmware
7 CVEs
Mt8768 Firmware
mt8768_firmware
7 CVEs
Mt8786 Firmware
mt8786_firmware
7 CVEs
Mt8775 Firmware
mt8775_firmware
7 CVEs
Mt8792 Firmware
mt8792_firmware
7 CVEs
Mt8365 Firmware
mt8365_firmware
6 CVEs
En7580 Firmware
en7580_firmware
6 CVEs
En7528 Firmware
en7528_firmware
6 CVEs
Mt6765 Firmware
mt6765_firmware
6 CVEs
Mt6781 Firmware
mt6781_firmware
6 CVEs
Mt6813 Firmware
mt6813_firmware
6 CVEs
Mt6890 Firmware
mt6890_firmware
6 CVEs
Mt8863 Firmware
mt8863_firmware
6 CVEs
Mt6993 Firmware
mt6993_firmware
6 CVEs
Mt8873 Firmware
mt8873_firmware
6 CVEs
Mt8883 Firmware
mt8883_firmware
6 CVEs
Mt8893 Firmware
mt8893_firmware
6 CVEs
Mt8910 Firmware
mt8910_firmware
6 CVEs
Mt8518s Firmware
mt8518s_firmware
5 CVEs
Mt8532 Firmware
mt8532_firmware
5 CVEs
Mt2735 Firmware
mt2735_firmware
5 CVEs
Mt2737 Firmware
mt2737_firmware
5 CVEs
Mt6739 Firmware
mt6739_firmware
5 CVEs
Mt6761 Firmware
mt6761_firmware
5 CVEs
Mt6833 Firmware
mt6833_firmware
5 CVEs
Mt6873 Firmware
mt6873_firmware
5 CVEs
Mt6875 Firmware
mt6875_firmware
5 CVEs
Mt6880 Firmware
mt6880_firmware
5 CVEs
Mt6891 Firmware
mt6891_firmware
5 CVEs
Mt6896 Firmware
mt6896_firmware
5 CVEs
Mt6980 Firmware
mt6980_firmware
5 CVEs
Mt6990 Firmware
mt6990_firmware
5 CVEs
Mt8675 Firmware
mt8675_firmware
5 CVEs
Mt8771 Firmware
mt8771_firmware
5 CVEs
Mt8668 Firmware
mt8668_firmware
5 CVEs
Mt8755 Firmware
mt8755_firmware
5 CVEs
Modem
modem
4 CVEs
Lr11
lr11
4 CVEs
Lr12
lr12
4 CVEs
Mt5221 Firmware
mt5221_firmware
4 CVEs
Mt7668 Firmware
mt7668_firmware
4 CVEs
Mt8167s Firmware
mt8167s_firmware
4 CVEs
Mt8175 Firmware
mt8175_firmware
4 CVEs
Mt8362a Firmware
mt8362a_firmware
4 CVEs
Mt8385 Firmware
mt8385_firmware
4 CVEs

CVEs (258)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2025-20646
1Mediatek
1Software Development Kit
Apr 22, 2025
Mar 3, 2025
N/A· v4
9.8 CRITICAL· v3
N/A· v2
In wlan AP FW, there is a possible out of bounds write due to improper input validation. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed fo...Show more
In wlan AP FW, there is a possible out of bounds write due to improper input validation. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00389074; Issue ID: MSV-1803.Show less
CVE-2025-20644
1Mediatek
2Nr15
Nr16
Feb 17, 2026
Mar 3, 2025
N/A· v4
6.5 MEDIUM· v3
N/A· v2
In Modem, there is a possible memory corruption due to incorrect error handling. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional e...Show more
In Modem, there is a possible memory corruption due to incorrect error handling. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01525673; Issue ID: MSV-2747.Show less
CVE-2025-20637
1Mediatek
1Software Development Kit
Mar 17, 2025
Feb 3, 2025
N/A· v4
7.5 HIGH· v3
N/A· v2
In network HW, there is a possible system hang due to an uncaught exception. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Pa...Show more
In network HW, there is a possible system hang due to an uncaught exception. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00399035; Issue ID: MSV-2380.Show less
CVE-2025-20634
1Mediatek
3Nr16
Nr17Nr17r
Feb 17, 2026
Feb 3, 2025
N/A· v4
9.8 CRITICAL· v3
N/A· v2
In Modem, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution, if a UE has connected to a rogue base station controlled by the attacker, with no additional exec...Show more
In Modem, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01289384; Issue ID: MSV-2436.Show less
CVE-2025-20633
1Mediatek
1Software Development Kit
Mar 18, 2025
Feb 3, 2025
N/A· v4
8.8 HIGH· v3
N/A· v2
In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote (proximal/adjacent) code execution with no additional execution privileges needed. User interaction i...Show more
In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote (proximal/adjacent) code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00400889; Issue ID: MSV-2491.Show less
CVE-2025-20632
1Mediatek
1Software Development Kit
Apr 22, 2025
Feb 3, 2025
N/A· v4
7.8 HIGH· v3
N/A· v2
In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed...Show more
In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00397139; Issue ID: MSV-2188.Show less
CVE-2025-20631
1Mediatek
1Software Development Kit
Apr 22, 2025
Feb 3, 2025
N/A· v4
7.8 HIGH· v3
N/A· v2
In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed...Show more
In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00397141; Issue ID: MSV-2187.Show less
CVE-2024-20147
4Google
LinuxfoundationMediatek+1 more
4Android
OpenwrtSoftware Development Kit+1 more
Apr 22, 2025
Feb 3, 2025
N/A· v4
5.3 MEDIUM· v3
N/A· v2
In Bluetooth FW, there is a possible reachable assertion due to improper exception handling. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for...Show more
In Bluetooth FW, there is a possible reachable assertion due to improper exception handling. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00389046 (Note: For MT79XX chipsets) / ALPS09136501 (Note: For MT2737, MT3603, MT6XXX, and MT8XXX chipsets); Issue ID: MSV-1797.Show less
CVE-2024-20154
1Mediatek
5Lr12a
Lr13Nr16.r1.mp+2 more
Feb 17, 2026
Jan 6, 2025
N/A· v4
8.8 HIGH· v3
N/A· v2
In Modem, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution, if a UE has connected to a rogue base station controlled by the attacker, with no additional exec...Show more
In Modem, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY00720348; Issue ID: MSV-2392.Show less
CVE-2024-20153
3Google
LinuxfoundationMediatek
3Android
Software Development KitYocto
Jan 12, 2026
Jan 6, 2025
N/A· v4
7.5 HIGH· v3
N/A· v2
In wlan STA, there is a possible way to trick a client to connect to an AP with spoofed SSID. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not neede...Show more
In wlan STA, there is a possible way to trick a client to connect to an AP with spoofed SSID. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08990446 / ALPS09057442; Issue ID: MSV-1598.Show less
CVE-2024-20152
4Google
LinuxfoundationMediatek+1 more
4Android
OpenwrtSoftware Development Kit+1 more
Apr 21, 2025
Jan 6, 2025
N/A· v4
4.4 MEDIUM· v3
N/A· v2
In wlan STA driver, there is a possible reachable assertion due to improper exception handling. This could lead to local denial of service if a malicious actor has already obtained the System privilege. User interaction...Show more
In wlan STA driver, there is a possible reachable assertion due to improper exception handling. This could lead to local denial of service if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: WCNCR00389047 / ALPS09136505; Issue ID: MSV-1798.Show less
CVE-2024-20151
1Mediatek
2Nr16
Nr17
Apr 21, 2025
Jan 6, 2025
N/A· v4
6.7 MEDIUM· v3
N/A· v2
In Modem, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not...Show more
In Modem, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: MOLY01399339; Issue ID: MSV-1928.Show less
CVE-2024-20150
1Mediatek
5Lr12a
Lr13Nr15+2 more
Apr 22, 2025
Jan 6, 2025
N/A· v4
7.5 HIGH· v3
N/A· v2
In Modem, there is a possible system crash due to a logic error. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY...Show more
In Modem, there is a possible system crash due to a logic error. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01412526; Issue ID: MSV-2018.Show less
CVE-2024-20149
1Mediatek
6Lr12
Lr13Nr15+3 more
Jan 12, 2026
Jan 6, 2025
N/A· v4
7.5 HIGH· v3
N/A· v2
In Modem, there is a possible system crash due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Pa...Show more
In Modem, there is a possible system crash due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01231341 / MOLY01263331 / MOLY01233835; Issue ID: MSV-2165.Show less
CVE-2024-20148
3Google
LinuxfoundationMediatek
3Android
Software Development KitYocto
Apr 22, 2025
Jan 6, 2025
N/A· v4
9.8 CRITICAL· v3
N/A· v2
In wlan STA FW, there is a possible out of bounds write due to improper input validation. This could lead to remote (proximal/adjacent) code execution with no additional execution privileges needed. User interaction is n...Show more
In wlan STA FW, there is a possible out of bounds write due to improper input validation. This could lead to remote (proximal/adjacent) code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00389045 / ALPS09136494; Issue ID: MSV-1796.Show less
CVE-2024-20146
4Google
LinuxfoundationMediatek+1 more
4Android
OpenwrtSoftware Development Kit+1 more
Apr 22, 2025
Jan 6, 2025
N/A· v4
8.1 HIGH· v3
N/A· v2
In wlan STA driver, there is a possible out of bounds write due to improper input validation. This could lead to remote (proximal/adjacent) code execution with no additional execution privileges needed. User interaction...Show more
In wlan STA driver, there is a possible out of bounds write due to improper input validation. This could lead to remote (proximal/adjacent) code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00389496 / ALPS09137491; Issue ID: MSV-1835.Show less
CVE-2024-20139
4Google
LinuxfoundationMediatek+1 more
4Android
OpenwrtSoftware Development Kit+1 more
Jan 12, 2026
Dec 2, 2024
N/A· v4
6.5 MEDIUM· v3
N/A· v2
In Bluetooth firmware, there is a possible firmware asssert due to improper handling of exceptional conditions. This could lead to local denial of service with no additional execution privileges needed. User interaction...Show more
In Bluetooth firmware, there is a possible firmware asssert due to improper handling of exceptional conditions. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS09001270; Issue ID: MSV-1600.Show less
CVE-2024-20138
2Google
Mediatek
2Android
Software Development Kit
Apr 22, 2025
Dec 2, 2024
N/A· v4
7.5 HIGH· v3
N/A· v2
In wlan driver, there is a possible out of bound read due to improper input validation. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for...Show more
In wlan driver, there is a possible out of bound read due to improper input validation. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08998291; Issue ID: MSV-1604.Show less
CVE-2024-20133
1Mediatek
1Nr16
Apr 22, 2025
Dec 2, 2024
N/A· v4
6.7 MEDIUM· v3
N/A· v2
In Modem, there is a possible escalation of privilege due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploit...Show more
In Modem, there is a possible escalation of privilege due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01395886; Issue ID: MSV-1871.Show less
CVE-2024-20132
1Mediatek
1Nr16
Jun 25, 2025
Dec 2, 2024
N/A· v4
6.7 MEDIUM· v3
N/A· v2
In Modem, there is a possible out of bonds write due to a mission bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploita...Show more
In Modem, there is a possible out of bonds write due to a mission bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY00957388; Issue ID: MSV-1872.Show less