CVE-2026-20452

Severity CVSS v4.0:
Pending analysis
Type:
CWE-122 Heap-based Buffer Overflow
Publication date:
01/06/2026
Last modified:
01/06/2026

Description

In wlan AP driver, there is a possible memory corruption due to a heap buffer overflow. This could lead to remote (proximal/adjacent) code execution with User execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00480138; Issue ID: MSV-6295.

Vulnerable products and versions

CPE From Up to
cpe:2.3:o:mediatek:mt6890_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6890:-:*:*:*:*:*:*:*
cpe:2.3:o:mediatek:mt7615_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt7615:-:*:*:*:*:*:*:*
cpe:2.3:o:mediatek:mt7915_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt7915:-:*:*:*:*:*:*:*
cpe:2.3:o:mediatek:mt7916_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt7916:-:*:*:*:*:*:*:*
cpe:2.3:o:mediatek:mt7981_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt7981:-:*:*:*:*:*:*:*
cpe:2.3:o:mediatek:mt7986_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt7986:-:*:*:*:*:*:*:*
cpe:2.3:o:mediatek:mt7990_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt7990:-:*:*:*:*:*:*:*
cpe:2.3:o:mediatek:mt7992_firmware:-:*:*:*:*:*:*:*


References to Advisories, Solutions, and Tools