CVE-2026-20414_CVE-2026-20414

6.7 / 10

MEDIUM

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Description

In imgsys, there is a possible escalation of privilege due to use after free. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10362999; Issue ID: MSV-5625.

Basic Information

ID CVE-2026-20414

Source MediaTek

Published Feb 2, 2026 at 08:15

Modified Feb 2, 2026 at 13:51

Affected Product

Vendor MediaTek, Inc.

Product MT6897, MT6989, MT8196, MT8678, MT8766, MT8768, MT8786, MT8796

Version Android 15.0

Affected Versions MediaTek, Inc. MT6897, MT6989, MT8196, MT8678, MT8766, MT8768, MT8786, MT8796 Android 15.0

CWE Classification

CWE-416

References

corp.mediatek.com /product-security-bulletin/February-2026

{
    "lastseen": "",
    "description": "In imgsys, there is a possible escalation of privilege due to use after free. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10362999; Issue ID: MSV-5625.",
    "published": "2026-02-02T08:15:09.845Z",
    "modified": "2026-02-02T13:51:26.694Z",
    "type": "cve",
    "title": "CVE-2026-20414",
    "source": "MediaTek",
    "references": "https://corp.mediatek.com/product-security-bulletin/February-2026",
    "id": "CVE-2026-20414",
    "bulletinFamily": "",
    "cwe": [
        "CWE-416"
    ],
    "cvelist": null,
    "sourceData": "MediaTek, Inc. MT6897, MT6989, MT8196, MT8678, MT8766, MT8768, MT8786, MT8796 Android 15.0",
    "sourceHref": "",
    "cvss": {
        "score": 6.7,
        "severity": "MEDIUM",
        "vector": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "MT6897, MT6989, MT8196, MT8678, MT8766, MT8768, MT8786, MT8796",
    "version": "Android 15.0",
    "vendor": "MediaTek, Inc.",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}