CVE-2026-20448
MEDIUM EPSS 4.3%
Published May 4, 20261mo ago · Modified Jun 17, 20261w ago
6.7 CVSS 3.1
Published May 4, 2026 1mo ago
Last Modified Jun 17, 2026 1w ago
Description
In geniezone, there is a possible escalation of privilege due to a missing permission check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10708513; Issue ID: MSV-6281.
CVSS Details
Base Score
Exploitability
Impact
Vector string
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H Attack Vector Local
Attack Complexity Low
Privileges Required High
User Interaction None
Scope Unchanged
Confidentiality High
Integrity High
Availability High
Threat Intelligence
EPSS Exploit Probability
4.3% percentile
Exploit & Patch Status
No Known Exploit
No Patch Available
Weaknesses 1
CWE-280
Affected Products 44
| Vendor | Product | Version | Range |
|---|---|---|---|
| mediatek | mt6765_firmware | * | any |
| mediatek | mt6765 | * | any |
| mediatek | mt6768_firmware | * | any |
| mediatek | mt6768 | * | any |
| mediatek | mt6789_firmware | * | any |
| mediatek | mt6789 | * | any |
| mediatek | mt6877_firmware | * | any |
| mediatek | mt6877 | * | any |
| mediatek | mt6897_firmware | * | any |
| mediatek | mt6897 | * | any |
| mediatek | mt6899_firmware | * | any |
| mediatek | mt6899 | * | any |
| mediatek | mt6989_firmware | * | any |
| mediatek | mt6989 | * | any |
| mediatek | mt6991_firmware | * | any |
| mediatek | mt6991 | * | any |
| mediatek | mt6993_firmware | * | any |
| mediatek | mt6993 | * | any |
| mediatek | mt8367_firmware | * | any |
| mediatek | mt8367 | * | any |
| mediatek | mt8766_firmware | * | any |
| mediatek | mt8766 | * | any |
| mediatek | mt8768_firmware | * | any |
| mediatek | mt8768 | * | any |
| mediatek | mt8775_firmware | * | any |
| mediatek | mt8775 | * | any |
| mediatek | mt8781_firmware | * | any |
| mediatek | mt8781 | * | any |
| mediatek | mt8786_firmware | * | any |
| mediatek | mt8786 | * | any |
| mediatek | mt8788e_firmware | * | any |
| mediatek | mt8788e | * | any |
| mediatek | mt8791t_firmware | * | any |
| mediatek | mt8791t | * | any |
| mediatek | mt8792_firmware | * | any |
| mediatek | mt8792 | * | any |
| mediatek | mt8793_firmware | * | any |
| mediatek | mt8793 | * | any |
| mediatek | mt8796_firmware | * | any |
| mediatek | mt8796 | * | any |
| mediatek | mt8893_firmware | * | any |
| mediatek | mt8893 | * | any |
| mediatek | mt8910_firmware | * | any |
| mediatek | mt8910 | * | any |
References 1
- corp.mediatek.com https://corp.mediatek.com/product-security-bulletin/May-2026
Remediation
No remediation data recorded yet
Check vendor advisories and the NVD entry for patch availability.