Medium severity6.7NVD Advisory· Published May 4, 2026· Updated May 7, 2026
CVE-2026-20448
CVE-2026-20448
Description
In geniezone, there is a possible escalation of privilege due to a missing permission check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10708513; Issue ID: MSV-6281.
Affected products
22- cpe:2.3:o:mediatek:mt6765_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:mediatek:mt6768_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:mediatek:mt6789_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:mediatek:mt6877_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:mediatek:mt6897_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:mediatek:mt6899_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:mediatek:mt6989_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:mediatek:mt6991_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:mediatek:mt6993_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:mediatek:mt8367_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:mediatek:mt8766_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:mediatek:mt8768_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:mediatek:mt8775_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:mediatek:mt8781_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:mediatek:mt8786_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:mediatek:mt8788e_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:mediatek:mt8791t_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:mediatek:mt8792_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:mediatek:mt8793_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:mediatek:mt8796_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:mediatek:mt8893_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:mediatek:mt8910_firmware:-:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
1- corp.mediatek.com/product-security-bulletin/May-2026nvdVendor Advisory
News mentions
0No linked articles in our index yet.