CVE-2026-20423
Received Received - Intake

Out-of-Bounds Write in WLAN STA Driver Enables Privilege Escalation

Vulnerability report for CVE-2026-20423, including description, CVSS score, EPSS score, affected products, exploitability, helpful resources, and attack-flow context.

Publication date: 2026-03-02

Last updated on: 2026-03-03

Assigner: MediaTek, Inc.

Description

In wlan STA driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00465314; Issue ID: MSV-4956.

CVSS Scores

EPSS Scores

Probability:
Percentile:

Meta Information

Published
2026-03-02
Last Modified
2026-03-03
Generated
2026-07-06
AI Q&A
2026-03-02
EPSS Evaluated
2026-07-05
NVD
EUVD

Affected Vendors & Products

Showing 1 associated CPE
Vendor Product Version / Range
mediatek nbiot_sdk to 3.8 (inc)

Helpful Resources

Exploitability

CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-749 The product provides an Applications Programming Interface (API) or similar interface for interaction with external actors, but the interface includes a dangerous method or function that is not properly restricted.
CWE-787 The product writes data past the end, or before the beginning, of the intended buffer.

Attack-Flow Graph

AI Quick Actions

Instant insights powered by AI
Executive Summary

CVE-2026-20423 is a high-severity vulnerability in the wlan STA driver of MediaTek chipsets. It is caused by a missing bounds check which leads to a possible out-of-bounds write. This means that the software does not properly validate input or memory boundaries, potentially causing memory corruption.

The vulnerability falls under CWE-749 (Exposed Dangerous Method or Function) and affects several MediaTek chipsets including MT7902, MT7920, MT7921, MT7922, MT7925, and MT7927.

Exploitation requires only user execution privileges and does not need user interaction, which means an attacker with local access could escalate their privileges on the device.

Impact Analysis

This vulnerability can lead to local escalation of privilege, allowing an attacker with user-level execution privileges to gain higher privileges on the affected device.

Because it involves a possible out-of-bounds write, it could also cause memory corruption, which might lead to system instability or further security issues.

No user interaction is needed for exploitation, increasing the risk if an attacker has local access.

Compliance Impact

I don't know

Detection Guidance

I don't know

Mitigation Strategies

To mitigate this vulnerability, apply the patch identified as WCNCR00465314 provided by MediaTek.

Ensure your devices using MediaTek chipsets MT7902, MT7920, MT7921, MT7922, MT7925, and MT7927 are updated with the latest firmware from the device OEMs.

Monitor official MediaTek security bulletins for any further updates or mitigation advice.

Chat Assistant

Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-20423. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70

EPSS Chart