CVE-2026-20448

EPSS 0.01%
Veröffentlicht 04.05.2026 05:41:52
Zuletzt bearbeitet 07.05.2026 12:43:11
Quelle security@mediatek.com
CVE-Watchlists
Login
Unerledigt
Login

In geniezone, there is a possible escalation of privilege due to a missing permission check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10708513; Issue ID: MSV-6281.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 1 Referenzen 4

NVD 22 VulnDex Vulnerability Enrichment 0

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Mediatek ≫ Mt6765 Firmware Version-

Mediatek ≫ Mt6765 Version-

Mediatek ≫ Mt6768 Firmware Version-

Mediatek ≫ Mt6768 Version-

Mediatek ≫ Mt6789 Firmware Version-

Mediatek ≫ Mt6789 Version-

Mediatek ≫ Mt6877 Firmware Version-

Mediatek ≫ Mt6877 Version-

Mediatek ≫ Mt6897 Firmware Version-

Mediatek ≫ Mt6897 Version-

Mediatek ≫ Mt6899 Firmware Version-

Mediatek ≫ Mt6899 Version-

Mediatek ≫ Mt6989 Firmware Version-

Mediatek ≫ Mt6989 Version-

Mediatek ≫ Mt6991 Firmware Version-

Mediatek ≫ Mt6991 Version-

Mediatek ≫ Mt6993 Firmware Version-

Mediatek ≫ Mt6993 Version-

Mediatek ≫ Mt8367 Firmware Version-

Mediatek ≫ Mt8367 Version-

Mediatek ≫ Mt8766 Firmware Version-

Mediatek ≫ Mt8766 Version-

Mediatek ≫ Mt8768 Firmware Version-

Mediatek ≫ Mt8768 Version-

Mediatek ≫ Mt8775 Firmware Version-

Mediatek ≫ Mt8775 Version-

Mediatek ≫ Mt8781 Firmware Version-

Mediatek ≫ Mt8781 Version-

Mediatek ≫ Mt8786 Firmware Version-

Mediatek ≫ Mt8786 Version-

Mediatek ≫ Mt8788e Firmware Version-

Mediatek ≫ Mt8788e Version-

Mediatek ≫ Mt8791t Firmware Version-

Mediatek ≫ Mt8791t Version-

Mediatek ≫ Mt8792 Firmware Version-

Mediatek ≫ Mt8792 Version-

Mediatek ≫ Mt8793 Firmware Version-

Mediatek ≫ Mt8793 Version-

Mediatek ≫ Mt8796 Firmware Version-

Mediatek ≫ Mt8796 Version-

Mediatek ≫ Mt8893 Firmware Version-

Mediatek ≫ Mt8893 Version-

Mediatek ≫ Mt8910 Firmware Version-

Mediatek ≫ Mt8910 Version-

Zu dieser CVE wurde keine Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.01%	0.019

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
134c704f-9b21-4f2e-91b3-4a467353bcc0	6.7	0.8	5.9	CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

CWE-280 Improper Handling of Insufficient Permissions or Privileges

The product does not handle or incorrectly handles when it has insufficient privileges to access resources or functionality as specified by their permissions. This may cause it to follow unexpected code paths that may leave the product in an invalid state.

https://corp.mediatek.com/product-security-bulletin/May-2026

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2026-20448

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2026-20448

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2026-20448

EUVD

Team-orientierte Vulnerability Management Plattform

Features der Plattform

CVE-2026-20448