How do I submit a security vulnerability to MediaTek?
If you discover a security vulnerability in MediaTek product, you can contact our security team directly via a special contact form on this website.
Here you'll be asked to provide a detailed report of the issue discovered so MediaTek's security team can attempt to replicate the issue then patch it. Reports should aim to include the following information in order to evaluate the issue as quickly as possible.
- Product(s) and Software version(s) affected
- Vulnerability Overview (buffer overflow, integer overflow, …)
- Issue Description and Impact (arbitrary code execution, information disclosure, …)
- Instructions to reproduce the issue
- A proof-of-concept (PoC)
Submissions can be anonymous and no NDA is required.