← Zuruck zu CVEs
CVE-2026-20447
MEDIUM6.7
Beschreibung
In geniezone, there is a possible escalation of privilege due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10724073; Issue ID: MSV-6296.
CVE Details
CVSS v3.1 Bewertung6.7
SchweregradMEDIUM
CVSS VektorCVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
AngriffsvektorLOCAL
KomplexitatLOW
Erforderliche PrivilegienHIGH
BenutzerinteraktionNONE
Veroffentlicht5/4/2026
Zuletzt geandert5/7/2026
Quellenvd
Honeypot-Sichtungen0
Betroffene Produkte
mediatek:mt6768mediatek:mt6768_firmwaremediatek:mt6789mediatek:mt6789_firmwaremediatek:mt6877mediatek:mt6877_firmwaremediatek:mt6899mediatek:mt6899_firmwaremediatek:mt6989mediatek:mt6989_firmwaremediatek:mt6991mediatek:mt6991_firmwaremediatek:mt6993mediatek:mt6993_firmwaremediatek:mt8196mediatek:mt8196_firmwaremediatek:mt8367mediatek:mt8367_firmwaremediatek:mt8766mediatek:mt8766_firmwaremediatek:mt8768mediatek:mt8768_firmwaremediatek:mt8781mediatek:mt8781_firmwaremediatek:mt8786mediatek:mt8786_firmwaremediatek:mt8788emediatek:mt8788e_firmwaremediatek:mt8791tmediatek:mt8791t_firmwaremediatek:mt8793mediatek:mt8793_firmwaremediatek:mt8910mediatek:mt8910_firmware
Schwachen (CWE)
CWE-125
Referenzen
https://corp.mediatek.com/product-security-bulletin/May-2026(security@mediatek.com)
IOC Korrelationen
Keine Korrelationen erfasst
This product uses data from the NVD API but is not endorsed or certified by the NVD.