Rdkcentral Security Vulnerabilities (CVEs)

Track 19 security vulnerabilities affecting Rdkcentral products and software. Get instant email alerts when new CVEs are discovered, automated security monitoring, and patch guidance.

1 Critical

3 High

15 Medium

Sort by:

🔔 Get Alerts for Rdkcentral

CVE-2025-20747 6.7

This vulnerability in the GNSS service allows an out-of-bounds write due to incorrect bounds checking. It enables local privilege escalation if an att...

Nov 4, 2025

CVE-2025-20746 6.7

This vulnerability in the GNSS service allows an attacker with System privilege to perform an out-of-bounds write, potentially leading to local privil...

Nov 4, 2025

CVE-2025-20730 6.7

This vulnerability allows local privilege escalation on MediaTek devices due to an insecure default value in the preloader component. An attacker with...

Nov 4, 2025

CVE-2025-20722 5.5

This CVE describes an integer overflow vulnerability in the GNSS driver that could lead to an out-of-bounds read. If exploited by a malicious actor wi...

Oct 14, 2025

CVE-2025-20696 6.8

This CVE describes an out-of-bounds write vulnerability in DA (likely a MediaTek component) that could allow local privilege escalation. Attackers wit...

Aug 4, 2025

CVE-2025-20656 6.8

This vulnerability in MediaTek DA software allows local attackers with physical access to escalate privileges through an out-of-bounds write. No user ...

Apr 7, 2025

CVE-2025-20650 6.8

This CVE describes an out-of-bounds write vulnerability in MediaTek's da component that could allow local privilege escalation. Attackers with physica...

Mar 3, 2025

CVE-2024-20143 6.6

This CVE describes an out-of-bounds write vulnerability in V6 DA (likely a MediaTek component) that allows local privilege escalation. Attackers with ...

Jan 6, 2025

CVE-2024-20145 6.6

This vulnerability in V6 DA allows local privilege escalation through an out-of-bounds write due to missing bounds checks. An attacker with physical a...

Jan 6, 2025

CVE-2024-20136 6.2

This vulnerability in MediaTek's da component allows local attackers to read memory beyond intended boundaries without requiring elevated privileges o...

Dec 2, 2024

CVE-2024-20107 6.2

CVE-2024-20107 is an out-of-bounds read vulnerability in MediaTek's da component that allows local attackers to read memory beyond allocated buffers w...

Nov 4, 2024

CVE-2024-20104 8.4

This vulnerability in MediaTek's da component allows local attackers to write beyond allocated memory boundaries, potentially gaining elevated privile...

Nov 4, 2024

CVE-2024-20089 7.5

This vulnerability in MediaTek Wi-Fi drivers allows remote attackers to cause denial of service without authentication or user interaction. It affects...

Sep 2, 2024

CVE-2024-20085 4.4

CVE-2024-20085 is an out-of-bounds read vulnerability in MediaTek power management components that could allow local information disclosure. Attackers...

Sep 2, 2024

CVE-2024-20080 9.8

This vulnerability in MediaTek's GNSS service allows remote attackers to escalate privileges without user interaction due to improper certificate vali...

Jul 1, 2024

CVE-2023-32871 5.3

This vulnerability in MediaTek's DA (Download Agent) allows local attackers to bypass permission checks due to an incorrect status verification. It en...

May 6, 2024

CVE-2024-20050 4.4

This vulnerability in the flashc component allows local information disclosure when exploited by a process with System execution privileges. It affect...

Apr 1, 2024

CVE-2024-20052 4.4

This vulnerability in MediaTek's flashc component allows local information disclosure when exploited by a process with System execution privileges. It...

Apr 1, 2024

CVE-2024-20053 8.4

This vulnerability in MediaTek's flashc component allows an attacker with system privileges to perform an out-of-bounds write due to an uncaught excep...

Apr 1, 2024

Why Monitor Rdkcentral Security Vulnerabilities?

Real-time CVE tracking: Our automated system monitors 19+ known vulnerabilities affecting Rdkcentral products and software packages. Stay ahead of emerging threats with instant email notifications when new security issues are discovered.

Automated security monitoring: Unlike manual CVE checking, FixTheCVE automatically scans your servers and detects vulnerable Rdkcentral packages in under 60 seconds. No agents required - completely agentless scanning that works across Rdkcentral deployments.

Free vulnerability database: Access detailed information about every Rdkcentral CVE including CVSS scores, severity ratings, affected versions, and actionable patch guidance. Filter by critical, high, medium, or low severity to prioritize your security remediation efforts.

🚀 Get Started in 60 Seconds

Register free account & add your servers
Run one-time scan or schedule automatic monitoring (every 1-24 hours)
Receive instant alerts when new Rdkcentral CVEs affect your systems
Access dashboard with severity breakdown & fix instructions

Start Monitoring Rdkcentral CVEs Free