CVE-2026-20451 PUBLISHED

Assigner: MediaTek
Reserved: 03.11.2025 Published: 04.05.2026 Updated: 04.05.2026

In slbc, there is a possible out of bounds write due to type confusion. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10828685; Issue ID: MSV-6504.

Product Status

Vendor MediaTek, Inc.
Product MediaTek chipset
Versions Default: unaffected
  • Version MT2718 is affected
  • Version MT6899 is affected
  • Version MT6985 is affected
  • Version MT6989 is affected
  • Version MT6991 is affected
  • Version MT8115 is affected
  • Version MT8186 is affected
  • Version MT8188 is affected
  • Version MT8196 is affected
  • Version MT8365 is affected
  • Version MT8367 is affected
  • Version MT8370 is affected
  • Version MT8371 is affected
  • Version MT8390 is affected
  • Version MT8391 is affected
  • Version MT8395 is affected
  • Version MT8676 is affected
  • Version MT8678 is affected
  • Version MT8766 is affected
  • Version MT8768 is affected
  • Version MT8775 is affected
  • Version MT8781 is affected
  • Version MT8786 is affected
  • Version MT8788E is affected
  • Version MT8791T is affected
  • Version MT8792 is affected
  • Version MT8793 is affected
  • Version MT8796 is affected
  • Version MT8873 is affected
  • Version MT8883 is affected
  • Version MT8893 is affected
  • Version MT8910 is affected

References

Problem Types

  • CWE-843 Access of Resource Using Incompatible Type ('Type Confusion') CWE