CVE-2026-20423
Received Received - Intake
Out-of-Bounds Write in WLAN STA Driver Enables Privilege Escalation

Publication date: 2026-03-02

Last updated on: 2026-03-03

Assigner: MediaTek, Inc.

Description
In wlan STA driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00465314; Issue ID: MSV-4956.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-03-02
Last Modified
2026-03-03
Generated
2026-06-16
AI Q&A
2026-03-02
EPSS Evaluated
2026-06-15
NVD
CVE-2026-20423
EUVD
EUVD-2026-9151
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
mediatek nbiot_sdk to 3.8 (inc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-787 The product writes data past the end, or before the beginning, of the intended buffer.
CWE-749 The product provides an Applications Programming Interface (API) or similar interface for interaction with external actors, but the interface includes a dangerous method or function that is not properly restricted.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

CVE-2026-20423 is a high-severity vulnerability in the wlan STA driver of MediaTek chipsets. It is caused by a missing bounds check which leads to a possible out-of-bounds write. This means that the software does not properly validate input or memory boundaries, potentially causing memory corruption.

The vulnerability falls under CWE-749 (Exposed Dangerous Method or Function) and affects several MediaTek chipsets including MT7902, MT7920, MT7921, MT7922, MT7925, and MT7927.

Exploitation requires only user execution privileges and does not need user interaction, which means an attacker with local access could escalate their privileges on the device.

Impact Analysis

This vulnerability can lead to local escalation of privilege, allowing an attacker with user-level execution privileges to gain higher privileges on the affected device.

Because it involves a possible out-of-bounds write, it could also cause memory corruption, which might lead to system instability or further security issues.

No user interaction is needed for exploitation, increasing the risk if an attacker has local access.

Compliance Impact

I don't know

Detection Guidance

I don't know

Mitigation Strategies

To mitigate this vulnerability, apply the patch identified as WCNCR00465314 provided by MediaTek.

Ensure your devices using MediaTek chipsets MT7902, MT7920, MT7921, MT7922, MT7925, and MT7927 are updated with the latest firmware from the device OEMs.

Monitor official MediaTek security bulletins for any further updates or mitigation advice.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-20423. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart