CVE-2026-20452
Severity CVSS v4.0:
Pending analysis
Type:
CWE-122
Heap-based Buffer Overflow
Publication date:
01/06/2026
Last modified:
01/06/2026
Description
In wlan AP driver, there is a possible memory corruption due to a heap buffer overflow. This could lead to remote (proximal/adjacent) code execution with User execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00480138; Issue ID: MSV-6295.
Impact
Base Score 3.x
8.00
Severity 3.x
HIGH
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:o:mediatek:mt6890_firmware:-:*:*:*:*:*:*:* | ||
| cpe:2.3:h:mediatek:mt6890:-:*:*:*:*:*:*:* | ||
| cpe:2.3:o:mediatek:mt7615_firmware:-:*:*:*:*:*:*:* | ||
| cpe:2.3:h:mediatek:mt7615:-:*:*:*:*:*:*:* | ||
| cpe:2.3:o:mediatek:mt7915_firmware:-:*:*:*:*:*:*:* | ||
| cpe:2.3:h:mediatek:mt7915:-:*:*:*:*:*:*:* | ||
| cpe:2.3:o:mediatek:mt7916_firmware:-:*:*:*:*:*:*:* | ||
| cpe:2.3:h:mediatek:mt7916:-:*:*:*:*:*:*:* | ||
| cpe:2.3:o:mediatek:mt7981_firmware:-:*:*:*:*:*:*:* | ||
| cpe:2.3:h:mediatek:mt7981:-:*:*:*:*:*:*:* | ||
| cpe:2.3:o:mediatek:mt7986_firmware:-:*:*:*:*:*:*:* | ||
| cpe:2.3:h:mediatek:mt7986:-:*:*:*:*:*:*:* | ||
| cpe:2.3:o:mediatek:mt7990_firmware:-:*:*:*:*:*:*:* | ||
| cpe:2.3:h:mediatek:mt7990:-:*:*:*:*:*:*:* | ||
| cpe:2.3:o:mediatek:mt7992_firmware:-:*:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page



