High severity8.0NVD Advisory· Published Jun 1, 2026· Updated Jun 1, 2026
CVE-2026-20452
CVE-2026-20452
Description
In wlan AP driver, there is a possible memory corruption due to a heap buffer overflow. This could lead to remote (proximal/adjacent) code execution with User execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00480138; Issue ID: MSV-6295.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
10- cpe:2.3:o:mediatek:mt6890_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:mediatek:mt7615_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:mediatek:mt7915_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:mediatek:mt7916_firmware:-:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:o:mediatek:mt7916_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:mediatek:mt7990_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:mediatek:mt7981_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:mediatek:mt7986_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:mediatek:mt7992_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:mediatek:mt7993_firmware:-:*:*:*:*:*:*:*
Patches
Vulnerability mechanics
References
1- corp.mediatek.com/product-security-bulletin/June-2026nvdVendor Advisory
News mentions
1- MediaTek: Four CVEs Disclosed — Three GenieZone TEE Bugs and a WLAN Driver OverflowVypr Intelligence · Jun 1, 2026