{"api_version":"1","generated_at":"2026-04-23T01:54:16+00:00","cve":"CVE-2025-20801","urls":{"html":"https://cve.report/CVE-2025-20801","api":"https://cve.report/api/cve/CVE-2025-20801.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2025-20801","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2025-20801"},"summary":{"title":"CVE-2025-20801","description":"In seninf, there is a possible memory corruption due to a race condition. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10251210; Issue ID: MSV-4926.","state":"PUBLISHED","assigner":"MediaTek","published_at":"2026-01-06 02:15:44","updated_at":"2026-03-30 12:16:25"},"problem_types":["CWE-415","CWE-362","CWE-415 CWE-415 Double Free"],"metrics":[{"version":"3.1","source":"ADP","type":"DECLARED","score":"7","severity":"HIGH","vector":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H","data":{"attackComplexity":"HIGH","attackVector":"LOCAL","availabilityImpact":"HIGH","baseScore":7,"baseSeverity":"HIGH","confidentialityImpact":"HIGH","integrityImpact":"HIGH","privilegesRequired":"LOW","scope":"UNCHANGED","userInteraction":"NONE","vectorString":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H","version":"3.1"}},{"version":"3.1","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","score":"7","severity":"HIGH","vector":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H","data":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"HIGH","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"}}],"references":[{"url":"https://corp.mediatek.com/product-security-bulletin/January-2026","name":"https://corp.mediatek.com/product-security-bulletin/January-2026","refsource":"security@mediatek.com","tags":["Vendor Advisory"],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://www.cve.org/CVERecord?id=CVE-2025-20801","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-20801","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[{"source":"CNA","vendor":"MediaTek, Inc.","product":"MediaTek chipset","version":"affected MT6878","platforms":[]},{"source":"CNA","vendor":"MediaTek, Inc.","product":"MediaTek chipset","version":"affected MT6897","platforms":[]},{"source":"CNA","vendor":"MediaTek, Inc.","product":"MediaTek chipset","version":"affected MT6899","platforms":[]},{"source":"CNA","vendor":"MediaTek, Inc.","product":"MediaTek chipset","version":"affected MT6985","platforms":[]},{"source":"CNA","vendor":"MediaTek, Inc.","product":"MediaTek chipset","version":"affected MT6989","platforms":[]},{"source":"CNA","vendor":"MediaTek, Inc.","product":"MediaTek chipset","version":"affected MT6991","platforms":[]},{"source":"CNA","vendor":"MediaTek, Inc.","product":"MediaTek chipset","version":"affected MT6993","platforms":[]},{"source":"CNA","vendor":"MediaTek, Inc.","product":"MediaTek chipset","version":"affected MT8792","platforms":[]},{"source":"CNA","vendor":"MediaTek, Inc.","product":"MediaTek chipset","version":"affected MT8796","platforms":[]},{"source":"CNA","vendor":"MediaTek, Inc.","product":"MediaTek chipset","version":"affected MT8798","platforms":[]}],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2025","cve_id":"20801","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"google","cpe5":"android","cpe6":"13.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2025","cve_id":"20801","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"google","cpe5":"android","cpe6":"14.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2025","cve_id":"20801","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"google","cpe5":"android","cpe6":"15.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2025","cve_id":"20801","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"google","cpe5":"android","cpe6":"16.0","cpe7":"-","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2025","cve_id":"20801","vulnerable":"0","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"mediatek","cpe5":"mt6878","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2025","cve_id":"20801","vulnerable":"0","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"mediatek","cpe5":"mt6897","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2025","cve_id":"20801","vulnerable":"0","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"mediatek","cpe5":"mt6899","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2025","cve_id":"20801","vulnerable":"0","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"mediatek","cpe5":"mt6985","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2025","cve_id":"20801","vulnerable":"0","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"mediatek","cpe5":"mt6989","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2025","cve_id":"20801","vulnerable":"0","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"mediatek","cpe5":"mt6991","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2025","cve_id":"20801","vulnerable":"0","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"mediatek","cpe5":"mt6993","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2025","cve_id":"20801","vulnerable":"0","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"mediatek","cpe5":"mt8792","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2025","cve_id":"20801","vulnerable":"0","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"mediatek","cpe5":"mt8796","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2025","cve_id":"20801","vulnerable":"0","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"mediatek","cpe5":"mt8798","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":{"cve_year":"2025","cve_id":"20801","cve":"CVE-2025-20801","epss":"0.000050000","percentile":"0.002650000","score_date":"2026-04-22","updated_at":"2026-04-23 00:03:18"},"legacy_qids":[]},"source_records":{"cve_program":{"containers":{"adp":[{"metrics":[{"cvssV3_1":{"attackComplexity":"HIGH","attackVector":"LOCAL","availabilityImpact":"HIGH","baseScore":7,"baseSeverity":"HIGH","confidentialityImpact":"HIGH","integrityImpact":"HIGH","privilegesRequired":"LOW","scope":"UNCHANGED","userInteraction":"NONE","vectorString":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H","version":"3.1"}},{"other":{"content":{"id":"CVE-2025-20801","options":[{"Exploitation":"none"},{"Automatable":"no"},{"Technical Impact":"total"}],"role":"CISA Coordinator","timestamp":"2026-01-07T04:55:55.891433Z","version":"2.0.3"},"type":"ssvc"}}],"providerMetadata":{"dateUpdated":"2026-02-26T15:04:58.541Z","orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP"},"title":"CISA ADP Vulnrichment"}],"cna":{"affected":[{"defaultStatus":"unaffected","product":"MediaTek chipset","vendor":"MediaTek, Inc.","versions":[{"status":"affected","version":"MT6878"},{"status":"affected","version":"MT6897"},{"status":"affected","version":"MT6899"},{"status":"affected","version":"MT6985"},{"status":"affected","version":"MT6989"},{"status":"affected","version":"MT6991"},{"status":"affected","version":"MT6993"},{"status":"affected","version":"MT8792"},{"status":"affected","version":"MT8796"},{"status":"affected","version":"MT8798"}]}],"descriptions":[{"lang":"en","value":"In seninf, there is a possible memory corruption due to a race condition. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10251210; Issue ID: MSV-4926."}],"problemTypes":[{"descriptions":[{"cweId":"CWE-415","description":"CWE-415 Double Free","lang":"en","type":"CWE"}]}],"providerMetadata":{"dateUpdated":"2026-03-30T13:04:21.657Z","orgId":"ee979b05-11f8-4f25-a7e0-a1fa9c190374","shortName":"MediaTek"},"references":[{"url":"https://corp.mediatek.com/product-security-bulletin/January-2026"}],"x_generator":{"engine":"cvelib 1.8.0"}}},"cveMetadata":{"assignerOrgId":"ee979b05-11f8-4f25-a7e0-a1fa9c190374","assignerShortName":"MediaTek","cveId":"CVE-2025-20801","datePublished":"2026-01-06T01:46:49.056Z","dateReserved":"2024-11-01T01:21:50.406Z","dateUpdated":"2026-03-30T13:04:21.657Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.2"},"nvd":{"publishedDate":"2026-01-06 02:15:44","lastModifiedDate":"2026-03-30 12:16:25","problem_types":["CWE-415","CWE-362","CWE-415 CWE-415 Double Free"],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"HIGH","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1,"impactScore":5.9}]},"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*","matchCriteriaId":"879FFD0C-9B38-4CAA-B057-1086D794D469"},{"vulnerable":true,"criteria":"cpe:2.3:o:google:android:14.0:*:*:*:*:*:*:*","matchCriteriaId":"2700BCC5-634D-4EC6-AB67-5B678D5F951D"},{"vulnerable":true,"criteria":"cpe:2.3:o:google:android:15.0:*:*:*:*:*:*:*","matchCriteriaId":"8538774C-906D-4B03-A3E7-FA7A55E0DA9E"},{"vulnerable":true,"criteria":"cpe:2.3:o:google:android:16.0:-:*:*:*:*:*:*","matchCriteriaId":"02882AB1-7993-47DD-84A0-8DF4272D85ED"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:mediatek:mt6878:-:*:*:*:*:*:*:*","matchCriteriaId":"855A8046-34ED-4891-ACE5-76AB10AC8D53"},{"vulnerable":false,"criteria":"cpe:2.3:h:mediatek:mt6897:-:*:*:*:*:*:*:*","matchCriteriaId":"2A7D8055-F4B6-41EE-A078-11D56285AB66"},{"vulnerable":false,"criteria":"cpe:2.3:h:mediatek:mt6899:-:*:*:*:*:*:*:*","matchCriteriaId":"C6E9F80F-9AC9-41E0-BB14-9DB6F14B62CD"},{"vulnerable":false,"criteria":"cpe:2.3:h:mediatek:mt6985:-:*:*:*:*:*:*:*","matchCriteriaId":"EA72CCD1-DEA2-48EB-8781-04CFDD41AAEE"},{"vulnerable":false,"criteria":"cpe:2.3:h:mediatek:mt6989:-:*:*:*:*:*:*:*","matchCriteriaId":"AD7DE6B2-66D9-4A3E-B15F-D56505559255"},{"vulnerable":false,"criteria":"cpe:2.3:h:mediatek:mt6991:-:*:*:*:*:*:*:*","matchCriteriaId":"CBBB30DF-E963-4940-B742-F6801F68C3FC"},{"vulnerable":false,"criteria":"cpe:2.3:h:mediatek:mt6993:-:*:*:*:*:*:*:*","matchCriteriaId":"57E92BE0-5E65-4770-8E1A-0E5D07A38164"},{"vulnerable":false,"criteria":"cpe:2.3:h:mediatek:mt8792:-:*:*:*:*:*:*:*","matchCriteriaId":"336FC69E-E89F-4642-B6B9-8009D9A2BD52"},{"vulnerable":false,"criteria":"cpe:2.3:h:mediatek:mt8796:-:*:*:*:*:*:*:*","matchCriteriaId":"DE933AD9-3A6F-421B-8AB3-C45F8DEA9548"},{"vulnerable":false,"criteria":"cpe:2.3:h:mediatek:mt8798:-:*:*:*:*:*:*:*","matchCriteriaId":"637CAAD2-DCC0-4F81-B781-5D0536844CA8"}]}]}]},"legacy_mitre":{"record":{"CveYear":"2025","CveId":"20801","Ordinal":"1","Title":"CVE-2025-20801","CVE":"CVE-2025-20801","Year":"2025"},"notes":[{"CveYear":"2025","CveId":"20801","Ordinal":"1","NoteData":"In seninf, there is a possible memory corruption due to a race condition. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10251210; Issue ID: MSV-4926.","Type":"Description","Title":"CVE-2025-20801"}]}}}