VYPR

Mt8792 Firmware

by Mediatek

CVEs (10)

  • CVE-2026-20433HigApr 7, 2026
    risk 0.57cvss 8.8epss 0.00

    In Modem, there is a possible out of bounds write due to a missing bounds check. This could lead to remote escalation of privilege, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is…

  • CVE-2026-20432HigApr 7, 2026
    risk 0.52cvss 8.0epss 0.00

    In Modem, there is a possible out of bounds write due to a missing bounds check. This could lead to remote escalation of privilege, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is…

  • CVE-2026-20455HigJun 1, 2026
    risk 0.51cvss 7.8epss 0.00

    In geniezone, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10873936; Issue…

  • CVE-2026-20451MedMay 4, 2026
    risk 0.44cvss 6.7epss 0.00

    In slbc, there is a possible out of bounds write due to type confusion. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10828685; Issue ID: MSV-6504.

  • CVE-2026-20448MedMay 4, 2026
    risk 0.44cvss 6.7epss 0.00

    In geniezone, there is a possible escalation of privilege due to a missing permission check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10708513;…

  • CVE-2026-20447MedMay 4, 2026
    risk 0.44cvss 6.7epss 0.00

    In geniezone, there is a possible escalation of privilege due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10724073;…

  • CVE-2026-20454MedJun 1, 2026
    risk 0.42cvss 6.4epss 0.00

    In geniezone, there is a possible out of bounds write due to a race condition. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10873936; Issue ID:…

  • CVE-2026-20450MedMay 4, 2026
    risk 0.42cvss 6.5epss 0.00

    In Modem, there is a possible system crash due to incorrect error handling. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for…

  • CVE-2026-20449MedMay 4, 2026
    risk 0.42cvss 6.5epss 0.00

    In Modem, there is a possible system crash due to a heap buffer overflow. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for…

  • CVE-2026-20431MedApr 7, 2026
    risk 0.42cvss 6.5epss 0.00

    In Modem, there is a possible system crash due to a logic error. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for…

VYPR — Vulnerability Intelligence