CVE-2026-20412
Unknown
Unknown - Not Provided
BaseFortify
Publication date: 2026-02-02
Last updated on: 2026-02-04
Assigner: MediaTek, Inc.
Description
Description
In cameraisp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10351676; Issue ID: MSV-5733.
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| android | 13.0 | |
| android | 14.0 | |
| android | 15.0 | |
| android | 16.0 | |
| mediatek | mt6878 | * |
| mediatek | mt6879 | * |
| mediatek | mt6881 | * |
| mediatek | mt6886 | * |
| mediatek | mt6895 | * |
| mediatek | mt6897 | * |
| mediatek | mt6899 | * |
| mediatek | mt6983 | * |
| mediatek | mt6985 | * |
| mediatek | mt6989 | * |
| mediatek | mt6991 | * |
| mediatek | mt6993 | * |
| mediatek | mt8168 | * |
| mediatek | mt8188 | * |
| mediatek | mt8195 | * |
| mediatek | mt8365 | * |
| mediatek | mt8390 | * |
| mediatek | mt8395 | * |
| mediatek | mt8666 | * |
| mediatek | mt8667 | * |
| mediatek | mt8673 | * |
| mediatek | mt8676 | * |
| mediatek | mt8696 | * |
| mediatek | mt8793 | * |
Helpful Resources
Exploitability
CWE
KEV
| CWE ID | Description |
|---|---|
| CWE-787 | The product writes data past the end, or before the beginning, of the intended buffer. |
