CVE-2026-20408

Published Feb 2, 2026

Last updated a month ago

CVSS high 8.8

Overview

Description: In wlan, there is a possible out of bounds write due to a heap buffer overflow. This could lead to remote (proximal/adjacent) escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00461651; Issue ID: MSV-4758.
Source: security@mediatek.com
NVD status: Analyzed
Products: software_development_kit, openwrt

Risk scores

CVSS 3.1

Type: Secondary
Base score: 8.8
Impact score: 5.9
Exploitability score: 2.8
Vector string: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Severity: HIGH

Weaknesses

security@mediatek.com: CWE-122
nvd@nist.gov: CWE-787

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:mediatek:software_development_kit:*:*:*:*:*:*:*:*",
            "matchCriteriaId": "0DD86CC1-BD46-42D2-9112-190CCAC96B30",
            "versionEndIncluding": "7.6.7.2",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:openwrt:openwrt:19.07.0:-:*:*:*:*:*:*",
            "matchCriteriaId": "4FA469E2-9E63-4C9A-8EBA-10C8C870063A",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:openwrt:openwrt:21.02.0:-:*:*:*:*:*:*",
            "matchCriteriaId": "F0133207-2EED-4625-854F-8DB7770D5BF7",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:openwrt:openwrt:23.05.0:-:*:*:*:*:*:*",
            "matchCriteriaId": "00113669-2850-4F0C-913A-92CA5290746E",
            "vulnerable": true
          }
        ],
        "negate": false,
        "operator": "OR"
      },
      {
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:mediatek:mt6890:-:*:*:*:*:*:*:*",
            "matchCriteriaId": "171D1C08-F055-44C0-913C-AA2B73AF5B72",
            "vulnerable": false
          },
          {
            "criteria": "cpe:2.3:h:mediatek:mt7615:-:*:*:*:*:*:*:*",
            "matchCriteriaId": "05748BB1-0D48-4097-932E-E8E2E574FD8D",
            "vulnerable": false
          },
          {
            "criteria": "cpe:2.3:h:mediatek:mt7915:-:*:*:*:*:*:*:*",
            "matchCriteriaId": "3AB22996-9C22-4B6C-9E94-E4C055D16335",
            "vulnerable": false
          },
          {
            "criteria": "cpe:2.3:h:mediatek:mt7916:-:*:*:*:*:*:*:*",
            "matchCriteriaId": "DD5AA441-5381-4179-89EB-1642120F72B4",
            "vulnerable": false
          },
          {
            "criteria": "cpe:2.3:h:mediatek:mt7981:-:*:*:*:*:*:*:*",
            "matchCriteriaId": "490CD97B-021F-4350-AEE7-A2FA866D5889",
            "vulnerable": false
          },
          {
            "criteria": "cpe:2.3:h:mediatek:mt7986:-:*:*:*:*:*:*:*",
            "matchCriteriaId": "40A9E917-4B34-403F-B512-09EEBEA46811",
            "vulnerable": false
          }
        ],
        "negate": false,
        "operator": "OR"
      }
    ],
    "operator": "AND"
  }
]

References

Sources include official advisories and independent security research.

Overview

Risk scores

CVSS 3.1

Weaknesses

Social media

Configurations

Related CVEs

References