CVE-2026-20445
Race Condition in MDDP Causes Local Denial of Service
Publication date: 2026-03-02
Last updated on: 2026-03-03
Assigner: MediaTek, Inc.
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| android | 14.0 | |
| android | 15.0 | |
| android | 16.0 |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-367 | The product checks the state of a resource before using that resource, but the resource's state can change between the check and the use in a way that invalidates the results of the check. |
Attack-Flow Graph
AI Powered Q&A
What immediate steps should I take to mitigate this vulnerability?
I don't know
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
I don't know
How can this vulnerability be detected on my network or system? Can you suggest some commands?
I don't know
Can you explain this vulnerability to me?
This vulnerability exists in MDDP and is caused by a race condition that can lead to a system crash.
Exploitation does not require user interaction but does require that the attacker already has System privilege.
The result of exploiting this vulnerability is a local denial of service.
How can this vulnerability impact me? :
If exploited, this vulnerability can cause a system crash resulting in a local denial of service.
This means that legitimate users or processes on the affected system may be unable to use it properly until it is restarted or repaired.
However, exploitation requires that the attacker already has System privilege, so the impact depends on the attacker's existing access level.