CVE-2026-20451_CVE-2026-20451

6.7 / 10

MEDIUM

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Description

In slbc, there is a possible out of bounds write due to type confusion. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10828685; Issue ID: MSV-6504.

Basic Information

ID CVE-2026-20451

Source MediaTek

Published May 4, 2026 at 05:42

Modified May 4, 2026 at 12:55

Affected Product

Vendor MediaTek, Inc.

Product MediaTek chipset

Version MT2718

Affected Versions MediaTek, Inc. MediaTek chipset MT2718
MediaTek, Inc. MediaTek chipset MT6899
MediaTek, Inc. MediaTek chipset MT6985
MediaTek, Inc. MediaTek chipset MT6989
MediaTek, Inc. MediaTek chipset MT6991
MediaTek, Inc. MediaTek chipset MT8115
MediaTek, Inc. MediaTek chipset MT8186
MediaTek, Inc. MediaTek chipset MT8188
MediaTek, Inc. MediaTek chipset MT8196
MediaTek, Inc. MediaTek chipset MT8365
MediaTek, Inc. MediaTek chipset MT8367
MediaTek, Inc. MediaTek chipset MT8370
MediaTek, Inc. MediaTek chipset MT8371
MediaTek, Inc. MediaTek chipset MT8390
MediaTek, Inc. MediaTek chipset MT8391
MediaTek, Inc. MediaTek chipset MT8395
MediaTek, Inc. MediaTek chipset MT8676
MediaTek, Inc. MediaTek chipset MT8678
MediaTek, Inc. MediaTek chipset MT8766
MediaTek, Inc. MediaTek chipset MT8768
MediaTek, Inc. MediaTek chipset MT8775
MediaTek, Inc. MediaTek chipset MT8781
MediaTek, Inc. MediaTek chipset MT8786
MediaTek, Inc. MediaTek chipset MT8788E
MediaTek, Inc. MediaTek chipset MT8791T
MediaTek, Inc. MediaTek chipset MT8792
MediaTek, Inc. MediaTek chipset MT8793
MediaTek, Inc. MediaTek chipset MT8796
MediaTek, Inc. MediaTek chipset MT8873
MediaTek, Inc. MediaTek chipset MT8883
MediaTek, Inc. MediaTek chipset MT8893
MediaTek, Inc. MediaTek chipset MT8910

CWE Classification

CWE-843

References

corp.mediatek.com /product-security-bulletin/May-2026

{
    "lastseen": "",
    "description": "In slbc, there is a possible out of bounds write due to type confusion. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10828685; Issue ID: MSV-6504.",
    "published": "2026-05-04T05:42:29.660Z",
    "modified": "2026-05-04T12:55:49.245Z",
    "type": "cve",
    "title": "CVE-2026-20451",
    "source": "MediaTek",
    "references": "https://corp.mediatek.com/product-security-bulletin/May-2026",
    "id": "CVE-2026-20451",
    "bulletinFamily": "",
    "cwe": [
        "CWE-843"
    ],
    "cvelist": null,
    "sourceData": "MediaTek, Inc. MediaTek chipset MT2718\nMediaTek, Inc. MediaTek chipset MT6899\nMediaTek, Inc. MediaTek chipset MT6985\nMediaTek, Inc. MediaTek chipset MT6989\nMediaTek, Inc. MediaTek chipset MT6991\nMediaTek, Inc. MediaTek chipset MT8115\nMediaTek, Inc. MediaTek chipset MT8186\nMediaTek, Inc. MediaTek chipset MT8188\nMediaTek, Inc. MediaTek chipset MT8196\nMediaTek, Inc. MediaTek chipset MT8365\nMediaTek, Inc. MediaTek chipset MT8367\nMediaTek, Inc. MediaTek chipset MT8370\nMediaTek, Inc. MediaTek chipset MT8371\nMediaTek, Inc. MediaTek chipset MT8390\nMediaTek, Inc. MediaTek chipset MT8391\nMediaTek, Inc. MediaTek chipset MT8395\nMediaTek, Inc. MediaTek chipset MT8676\nMediaTek, Inc. MediaTek chipset MT8678\nMediaTek, Inc. MediaTek chipset MT8766\nMediaTek, Inc. MediaTek chipset MT8768\nMediaTek, Inc. MediaTek chipset MT8775\nMediaTek, Inc. MediaTek chipset MT8781\nMediaTek, Inc. MediaTek chipset MT8786\nMediaTek, Inc. MediaTek chipset MT8788E\nMediaTek, Inc. MediaTek chipset MT8791T\nMediaTek, Inc. MediaTek chipset MT8792\nMediaTek, Inc. MediaTek chipset MT8793\nMediaTek, Inc. MediaTek chipset MT8796\nMediaTek, Inc. MediaTek chipset MT8873\nMediaTek, Inc. MediaTek chipset MT8883\nMediaTek, Inc. MediaTek chipset MT8893\nMediaTek, Inc. MediaTek chipset MT8910",
    "sourceHref": "",
    "cvss": {
        "score": 6.7,
        "severity": "MEDIUM",
        "vector": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "MediaTek chipset",
    "version": "MT2718",
    "vendor": "MediaTek, Inc.",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}