VYPR

Vendor CVEs

Mediatek

All CVEs

447 total · sorted by risk
  • CVE-2017-3216CriJun 20, 2017
    risk 0.64cvss 9.8epss 0.05

    WiMAX routers based on the MediaTek SDK (libmtk) that use a custom httpd plugin are vulnerable to an authentication bypass allowing a remote, unauthenticated attacker to gain administrator access to the device by performing an administrator password change on the device via a…

  • CVE-2026-20433HigApr 7, 2026
    risk 0.57cvss 8.8epss 0.00

    In Modem, there is a possible out of bounds write due to a missing bounds check. This could lead to remote escalation of privilege, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is…

  • CVE-2026-20452HigJun 1, 2026
    risk 0.52cvss 8.0epss 0.00

    In wlan AP driver, there is a possible memory corruption due to a heap buffer overflow. This could lead to remote (proximal/adjacent) code execution with User execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00480138; Issue ID:…

  • CVE-2026-20432HigApr 7, 2026
    risk 0.52cvss 8.0epss 0.00

    In Modem, there is a possible out of bounds write due to a missing bounds check. This could lead to remote escalation of privilege, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is…

  • CVE-2026-21030HigJun 5, 2026
    risk 0.51cvss 7.8epss 0.00

    Improper access control in MediaTek Audio HAL prior to SMR Jun-2026 Release 1 allows local attackers to trigger privileged functions.

  • CVE-2026-20455HigJun 1, 2026
    risk 0.51cvss 7.8epss 0.00

    In geniezone, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10873936; Issue…

  • CVE-2017-13226HigJan 12, 2018
    risk 0.51cvss 7.8epss 0.00

    An elevation of privilege vulnerability in the MediaTek mtk. Product: Android. Versions: Android kernel. Android ID: A-32591194. References: M-ALPS03149184.

  • CVE-2017-13173HigDec 6, 2017
    risk 0.51cvss 7.8epss 0.00

    An elevation of privilege vulnerability in the MediaTek system server. Product: Android. Versions: Android kernel. Android ID A-28067350. References: M-ALPS02672361.

  • CVE-2017-13172HigDec 6, 2017
    risk 0.51cvss 7.8epss 0.00

    An elevation of privilege vulnerability in the MediaTek bluetooth driver. Product: Android. Versions: Android kernel. Android ID A-36493287. References: M-ALPS03495791.

  • CVE-2017-13171HigDec 6, 2017
    risk 0.51cvss 7.8epss 0.00

    An elevation of privilege vulnerability in the MediaTek performance service. Product: Android. Versions: Android kernel. Android ID A-64316572. References: M-ALPS03479086.

  • CVE-2017-0865HigNov 16, 2017
    risk 0.51cvss 7.8epss 0.00

    An elevation of privilege vulnerability in the MediaTek soc driver. Product: Android. Versions: Android kernel. Android ID: A-65025090. References: M-ALPS02973195.

  • CVE-2017-0827HigOct 4, 2017
    risk 0.51cvss 7.8epss 0.00

    An elevation of privilege vulnerability in the MediaTek soc driver. Product: Android. Versions: Android kernel. Android ID: A-62539960. References: M-ALPS03353876, M-ALPS03353861, M-ALPS03353869, M-ALPS03353867, M-ALPS03353872.

  • CVE-2017-0804HigSep 8, 2017
    risk 0.51cvss 7.8epss 0.00

    A elevation of privilege vulnerability in the MediaTek mmc driver. Product: Android. Versions: Android kernel. Android ID: A-36274676. References: M-ALPS03361487.

  • CVE-2017-0803HigSep 8, 2017
    risk 0.51cvss 7.8epss 0.00

    A elevation of privilege vulnerability in the MediaTek accessory detector driver. Product: Android. Versions: Android kernel. Android ID: A-36136137. References: M-ALPS03361477.

  • CVE-2017-0802HigSep 8, 2017
    risk 0.51cvss 7.8epss 0.00

    A elevation of privilege vulnerability in the MediaTek kernel. Product: Android. Versions: Android kernel. Android ID: A-36232120. References: M-ALPS03384818.

  • CVE-2017-0801HigSep 8, 2017
    risk 0.51cvss 7.8epss 0.00

    A elevation of privilege vulnerability in the MediaTek libmtkomxvdec. Product: Android. Versions: Android kernel. Android ID: A-38447970. References: M-ALPS03337980.

  • CVE-2017-0800HigSep 8, 2017
    risk 0.51cvss 7.8epss 0.00

    A elevation of privilege vulnerability in the MediaTek teei. Product: Android. Versions: Android kernel. Android ID: A-37683975. References: M-ALPS03302988.

  • CVE-2017-0799HigSep 8, 2017
    risk 0.51cvss 7.8epss 0.00

    A elevation of privilege vulnerability in the MediaTek lastbus. Product: Android. Versions: Android kernel. Android ID: A-36731602. References: M-ALPS03342072.

  • CVE-2017-0798HigSep 8, 2017
    risk 0.51cvss 7.8epss 0.00

    A elevation of privilege vulnerability in the MediaTek kernel. Product: Android. Versions: Android kernel. Android ID: A-36100671. References: M-ALPS03365532.

  • CVE-2017-0797HigSep 8, 2017
    risk 0.51cvss 7.8epss 0.00

    A elevation of privilege vulnerability in the MediaTek accessory detector driver. Product: Android. Versions: Android kernel. Android ID: A-62459766. References: M-ALPS03353854.

  • CVE-2017-0795HigSep 8, 2017
    risk 0.51cvss 7.8epss 0.00

    A elevation of privilege vulnerability in the MediaTek accessory detector driver. Product: Android. Versions: Android kernel. Android ID: A-36198473. References: M-ALPS03361480.

  • CVE-2017-0742HigAug 9, 2017
    risk 0.51cvss 7.8epss 0.00

    A elevation of privilege vulnerability in the MediaTek video driver. Product: Android. Versions: Android kernel. Android ID: A-36074857. References: M-ALPS03275524.

  • CVE-2017-0741HigAug 9, 2017
    risk 0.51cvss 7.8epss 0.00

    A elevation of privilege vulnerability in the MediaTek gpu driver. Product: Android. Versions: Android kernel. Android ID: A-32458601. References: M-ALPS03007523.

  • CVE-2017-0711HigJul 6, 2017
    risk 0.51cvss 7.8epss 0.00

    A elevation of privilege vulnerability in the MediaTek networking driver. Product: Android. Versions: Android kernel. Android ID: A-36099953. References: M-ALPS03206781.

  • CVE-2017-0562HigApr 7, 2017
    risk 0.51cvss 7.8epss 0.01

    An elevation of privilege vulnerability in the MediaTek touchscreen driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which…

  • CVE-2017-0522HigMar 8, 2017
    risk 0.51cvss 7.8epss 0.01

    An elevation of privilege vulnerability in a MediaTek APK could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rated as High due to the possibility of local arbitrary code execution in a privileged…

  • CVE-2017-0506HigMar 8, 2017
    risk 0.51cvss 7.8epss 0.01

    An elevation of privilege vulnerability in MediaTek components, including the M4U driver, sound driver, touchscreen driver, GPU driver, and Command Queue driver, could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is…

  • CVE-2017-0505HigMar 8, 2017
    risk 0.51cvss 7.8epss 0.01

    An elevation of privilege vulnerability in MediaTek components, including the M4U driver, sound driver, touchscreen driver, GPU driver, and Command Queue driver, could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is…

  • CVE-2017-0504HigMar 8, 2017
    risk 0.51cvss 7.8epss 0.01

    An elevation of privilege vulnerability in MediaTek components, including the M4U driver, sound driver, touchscreen driver, GPU driver, and Command Queue driver, could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is…

  • CVE-2017-0503HigMar 8, 2017
    risk 0.51cvss 7.8epss 0.01

    An elevation of privilege vulnerability in MediaTek components, including the M4U driver, sound driver, touchscreen driver, GPU driver, and Command Queue driver, could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is…

  • CVE-2017-0502HigMar 8, 2017
    risk 0.51cvss 7.8epss 0.01

    An elevation of privilege vulnerability in MediaTek components, including the M4U driver, sound driver, touchscreen driver, GPU driver, and Command Queue driver, could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is…

  • CVE-2017-0501HigMar 8, 2017
    risk 0.51cvss 7.8epss 0.01

    An elevation of privilege vulnerability in MediaTek components, including the M4U driver, sound driver, touchscreen driver, GPU driver, and Command Queue driver, could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is…

  • CVE-2017-0500HigMar 8, 2017
    risk 0.51cvss 7.8epss 0.01

    An elevation of privilege vulnerability in MediaTek components, including the M4U driver, sound driver, touchscreen driver, GPU driver, and Command Queue driver, could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is…

  • CVE-2016-6492HigJan 12, 2017
    risk 0.51cvss 7.8epss 0.01

    The MT6573FDVT_SetRegHW function in camera_fdvt.c in the MediaTek driver for Linux allows local users to gain privileges via a crafted application that makes an MT6573FDVTIOC_T_SET_FDCONF_CMD IOCTL call.

  • CVE-2016-8433HigJan 12, 2017
    risk 0.51cvss 7.8epss 0.01

    An elevation of privilege vulnerability in the MediaTek driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require…

  • CVE-2016-3937HigOct 10, 2016
    risk 0.51cvss 7.8epss 0.01

    The MediaTek video driver in Android before 2016-10-05 allows attackers to gain privileges via a crafted application, aka Android internal bug 30030994 and MediaTek internal bug ALPS02834874.

  • CVE-2016-3936HigOct 10, 2016
    risk 0.51cvss 7.8epss 0.01

    The MediaTek video driver in Android before 2016-10-05 allows attackers to gain privileges via a crafted application, aka Android internal bug 30019037 and MediaTek internal bug ALPS02829568.

  • CVE-2016-3928HigOct 10, 2016
    risk 0.51cvss 7.8epss 0.01

    The MediaTek video driver in Android before 2016-10-05 allows attackers to gain privileges via a crafted application, aka Android internal bug 30019362 and MediaTek internal bug ALPS02829384.

  • CVE-2016-3795HigJul 11, 2016
    risk 0.51cvss 7.8epss 0.00

    The MediaTek power driver in Android before 2016-07-05 on Android One devices allows attackers to gain privileges via a crafted application, aka Android internal bug 28085222 and MediaTek internal bug ALPS02677244.

  • CVE-2016-3774HigJul 11, 2016
    risk 0.51cvss 7.8epss 0.00

    The MediaTek drivers in Android before 2016-07-05 on Android One devices allow attackers to gain privileges via a crafted application, aka Android internal bug 29008609 and MediaTek internal bug ALPS02703102.

  • CVE-2016-3773HigJul 11, 2016
    risk 0.51cvss 7.8epss 0.00

    The MediaTek drivers in Android before 2016-07-05 on Android One devices allow attackers to gain privileges via a crafted application, aka Android internal bug 29008363 and MediaTek internal bug ALPS02703102.

  • CVE-2016-3772HigJul 11, 2016
    risk 0.51cvss 7.8epss 0.00

    The MediaTek drivers in Android before 2016-07-05 on Android One devices allow attackers to gain privileges via a crafted application, aka Android internal bug 29008188 and MediaTek internal bug ALPS02703102.

  • CVE-2016-3771HigJul 11, 2016
    risk 0.51cvss 7.8epss 0.00

    The MediaTek drivers in Android before 2016-07-05 on Android One devices allow attackers to gain privileges via a crafted application, aka Android internal bug 29007611 and MediaTek internal bug ALPS02703102.

  • CVE-2016-3770HigJul 11, 2016
    risk 0.51cvss 7.8epss 0.00

    The MediaTek drivers in Android before 2016-07-05 on Android One devices allow attackers to gain privileges via a crafted application, aka Android internal bug 28346752 and MediaTek internal bug ALPS02703102.

  • CVE-2016-2469HigJun 13, 2016
    risk 0.51cvss 7.8epss 0.01

    The Qualcomm sound driver in Android before 2016-06-01 on Nexus 5, 6, and 6P devices allows attackers to gain privileges via a crafted application, aka internal bug 27531992.

  • CVE-2016-0820HigMar 12, 2016
    risk 0.51cvss 7.8epss 0.01

    The MediaTek Wi-Fi kernel driver in Android 6.0.1 before 2016-03-01 allows attackers to gain privileges via a crafted application, aka internal bug 26267358.

  • CVE-2018-12041HigJun 8, 2018
    risk 0.49cvss 7.5epss 0.01

    An issue was discovered on the MediaTek AWUS036NH wireless USB adapter through 5.1.25.0. Attackers can remotely deny service by sending specially constructed 802.11 frames.

  • CVE-2017-0636HigJun 14, 2017
    risk 0.46cvss 7.0epss 0.01

    An elevation of privilege vulnerability in the MediaTek command queue driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product:…

  • CVE-2017-0618HigMay 12, 2017
    risk 0.46cvss 7.0epss 0.00

    An elevation of privilege vulnerability in the MediaTek command queue driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product:…

  • CVE-2017-0616HigMay 12, 2017
    risk 0.46cvss 7.0epss 0.01

    An elevation of privilege vulnerability in the MediaTek system management interrupt driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged…

Page 1 of 9