How severe is CVE-2025-20778?

CVE-2025-20778 has a CVSS v3 score of 7.8 (HIGH).

CVE-2025-20778

7.8HIGH

In display, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User

Published: 1/6/2026Updated: 1/8/2026

Description

In display, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10184870; Issue ID: MSV-4729.

AI AnalysisPowered by AI

Affected Products

googleandroid

14.0

googleandroid

15.0

googleandroid

16.0

mediatekmt6739

mediatekmt6761

mediatekmt6765

mediatekmt6768

mediatekmt6781

mediatekmt6789

mediatekmt6833

mediatekmt6835

mediatekmt6853

mediatekmt6855

mediatekmt6877

mediatekmt6878

mediatekmt6879

mediatekmt6883

mediatekmt6885

mediatekmt6886

mediatekmt6889

mediatekmt6893

mediatekmt6895

mediatekmt6897

mediatekmt6899

mediatekmt6983

mediatekmt6985

mediatekmt6989

mediatekmt6991

mediatekmt8186

mediatekmt8188

mediatekmt8196

mediatekmt8667

mediatekmt8673

mediatekmt8676

mediatekmt8678

mediatekmt8765

mediatekmt8766

mediatekmt8768

mediatekmt8771

mediatekmt8781

mediatekmt8791t

mediatekmt8792

mediatekmt8793

mediatekmt8795t

mediatekmt8796

mediatekmt8798

mediatekmt8873

mediatekmt8883

References

https://corp.mediatek.com/product-security-bulletin/January-2026
Vendor Advisory