← Volver a CVEs
CVE-2026-20446
MEDIUM4.3
Descripcion
In sec boot, there is a possible out of bounds write due to an integer overflow. This could lead to local denial of service, if an attacker has physical access to the device, with User execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS09963054; Issue ID: MSV-3899.
Detalles CVE
Puntuacion CVSS v3.14.3
SeveridadMEDIUM
Vector CVSSCVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Vector de ataquePHYSICAL
ComplejidadLOW
Privilegios requeridosLOW
Interaccion usuarioNONE
Publicado4/7/2026
Ultima modificacion4/7/2026
Fuentenvd
Avistamientos honeypot0
Productos afectados
mediatek:mt6813mediatek:mt6813_firmware
Debilidades (CWE)
CWE-787CWE-190
Referencias
https://corp.mediatek.com/product-security-bulletin/April-2026(security@mediatek.com)
Correlaciones IOC
Sin correlaciones registradas
This product uses data from the NVD API but is not endorsed or certified by the NVD.