CVE-2025-20800 – CVE-2025-20800 is an out-of-bounds write vulner... (How to Fix)

Q: What is the severity of CVE-2025-20800?

CVE-2025-20800 has a CVSS score of 7.8 (HIGH). CVE-2025-20800 is an out-of-bounds write vulnerability in mminfra that allows local privilege escalation. Attackers with initial System privilege can exploit this to gain higher privileges without user interaction. This affects systems using MediaTek components with vulnerable mminfra implementations.

📋 TL;DR

CVE-2025-20800 is an out-of-bounds write vulnerability in mminfra that allows local privilege escalation. Attackers with initial System privilege can exploit this to gain higher privileges without user interaction. This affects systems using MediaTek components with vulnerable mminfra implementations.

💻 Affected Systems

Products:

MediaTek chipsets with mminfra component

Versions: Specific versions not detailed in advisory; all versions before patch ALPS10267349 are likely affected

Operating Systems: Android-based systems using MediaTek chipsets

Default Config Vulnerable: ⚠️ Yes

Notes: Affects devices using vulnerable MediaTek firmware; exact device models not specified in provided reference.

📦 What is this software?

⚠️ Risk & Real-World Impact

🔴

Worst Case

Complete system compromise with root/kernel-level access, enabling persistence, data theft, and lateral movement across the network.

🟠

Likely Case

Local privilege escalation from System to higher privileged accounts, allowing installation of malware, credential harvesting, and bypassing security controls.

🟢

If Mitigated

Limited impact if proper privilege separation and least privilege principles are enforced, though still dangerous in multi-user environments.

🌐 Internet-Facing: LOW - Requires local access and initial System privilege, not directly exploitable over network.

🏢 Internal Only: HIGH - Malicious insiders or attackers who gain initial System access can escalate privileges to compromise entire systems.

🎯 Exploit Status

Public PoC: ✅ No

Weaponized: UNKNOWN

Unauthenticated Exploit: ✅ No

Complexity: MEDIUM

Requires existing System privilege, making exploitation more targeted but dangerous in compromised environments.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Patch ID: ALPS10267349

Vendor Advisory: https://corp.mediatek.com/product-security-bulletin/January-2026

Restart Required: Yes

Instructions:

1. Contact device manufacturer for firmware updates. 2. Apply patch ALPS10267349. 3. Reboot device. 4. Verify patch installation.

🔧 Temporary Workarounds

Restrict System Privilege Access

all

Limit which users/processes have System privilege to reduce attack surface

Disable Unnecessary Services

android

Disable services using mminfra if not required for device functionality

🧯 If You Can't Patch

Implement strict access controls and monitor for privilege escalation attempts
Isolate affected systems from critical network segments and apply network segmentation

🔍 How to Verify

Check if Vulnerable:

Check firmware version against vendor advisory; examine if mminfra component is present and unpatched

Check Version:

Device-specific commands vary by manufacturer; typically 'getprop ro.build.fingerprint' or similar on Android

Verify Fix Applied:

Verify patch ALPS10267349 is applied through firmware version check or vendor verification tools

📡 Detection & Monitoring

Log Indicators:

Unexpected privilege escalation events
Abnormal mminfra process behavior
Kernel panic or crash logs

Network Indicators:

Unusual outbound connections from privileged processes

SIEM Query:

Process creation where parent process has System privilege AND child process gains higher privileges

📊 Metadata

CVE ID: CVE-2025-20800

CVSS v3 Score: 7.8 (HIGH)

CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CWE: CWE-787

EPSS Score: 0.01% exploit probability (0.3th percentile)

Published: January 6, 2026

Last Updated: January 8, 2026

🔗 References

https://corp.mediatek.com/product-security-bulletin/January-2026 Vendor Advisory

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2025-20800, you might also want to check these:

📋 TL;DR

💻 Affected Systems

📦 What is this software?

Android by Google

Android by Google

Android by Google

⚠️ Risk & Real-World Impact

Worst Case

Likely Case

If Mitigated

🎯 Exploit Status

🛠️ Fix & Mitigation

✅ Official Fix

Instructions:

🔧 Temporary Workarounds

Restrict System Privilege Access

Disable Unnecessary Services

🧯 If You Can't Patch

🔍 How to Verify

Check if Vulnerable:

Check Version:

Verify Fix Applied:

📡 Detection & Monitoring

Log Indicators:

Network Indicators:

SIEM Query:

📊 Metadata

🔗 References

📤 Share & Export

🔗 Related Vulnerabilities