Unrated severityNVD Advisory· Published Oct 14, 2025· Updated Feb 26, 2026

CVE-2025-20721

Description

In imgsensor, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10089545; Issue ID: MSV-4279.

Affected products

MediaTek, Inc./MT6886, MT6897, MT6899, MT6985, MT6989, MT6991, MT8195, MT8196, MT8370, MT8390, MT8395, MT8792, MT8793v5
Range: IOT-v25.0 / Android 13.0, 14.0, 15.0, 16.0

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

corp.mediatek.com/product-security-bulletin/October-2025mitre

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000