CVE-2026-20448 PUBLISHED

Assigner: MediaTek
Reserved: 03.11.2025 Published: 04.05.2026 Updated: 04.05.2026

In geniezone, there is a possible escalation of privilege due to a missing permission check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10708513; Issue ID: MSV-6281.

Product Status

Vendor MediaTek, Inc.
Product MediaTek chipset
Versions Default: unaffected
  • Version MT6765 is affected
  • Version MT6768 is affected
  • Version MT6789 is affected
  • Version MT6877 is affected
  • Version MT6897 is affected
  • Version MT6899 is affected
  • Version MT6989 is affected
  • Version MT6991 is affected
  • Version MT6993 is affected
  • Version MT8367 is affected
  • Version MT8766 is affected
  • Version MT8768 is affected
  • Version MT8775 is affected
  • Version MT8781 is affected
  • Version MT8786 is affected
  • Version MT8788E is affected
  • Version MT8791T is affected
  • Version MT8792 is affected
  • Version MT8793 is affected
  • Version MT8796 is affected
  • Version MT8893 is affected
  • Version MT8910 is affected

References

Problem Types

  • CWE-280 Improper Handling of Insufficient Permissions or Privileges CWE