Vulnerability Description
In geniezone, there is a possible escalation of privilege due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10724073; Issue ID: MSV-6296.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Mediatek | Mt6768 Firmware | - |
| Mediatek | Mt6768 | - |
| Mediatek | Mt6789 Firmware | - |
| Mediatek | Mt6789 | - |
| Mediatek | Mt6877 Firmware | - |
| Mediatek | Mt6877 | - |
| Mediatek | Mt6899 Firmware | - |
| Mediatek | Mt6899 | - |
| Mediatek | Mt6989 Firmware | - |
| Mediatek | Mt6989 | - |
| Mediatek | Mt6991 Firmware | - |
| Mediatek | Mt6991 | - |
| Mediatek | Mt6993 Firmware | - |
| Mediatek | Mt6993 | - |
| Mediatek | Mt8196 Firmware | - |
| Mediatek | Mt8196 | - |
| Mediatek | Mt8367 Firmware | - |
| Mediatek | Mt8367 | - |
| Mediatek | Mt8766 Firmware | - |
| Mediatek | Mt8766 | - |
Related Weaknesses (CWE)
References
- https://corp.mediatek.com/product-security-bulletin/May-2026Vendor Advisory
FAQ
What is CVE-2026-20447?
CVE-2026-20447 is a vulnerability with a CVSS score of 6.7 (MEDIUM). In geniezone, there is a possible escalation of privilege due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege...
How severe is CVE-2026-20447?
CVE-2026-20447 has been rated MEDIUM with a CVSS base score of 6.7/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2026-20447?
Check the references section above for vendor advisories and patch information. Affected products include: Mediatek Mt6768 Firmware, Mediatek Mt6768, Mediatek Mt6789 Firmware, Mediatek Mt6789, Mediatek Mt6877 Firmware.