CVE-2026-20462 PUBLISHED

Assigner: MediaTek
Reserved: 03.11.2025 Published: 01.07.2026 Updated: 01.07.2026

In Telephony, there is a possible memory corruption due to a heap buffer overflow. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS11006447; Issue ID: MSV-7871.

Product Status

Vendor MediaTek, Inc.
Product MediaTek chipset
Versions Default: unaffected
  • Version MT6739 is affected
  • Version MT6761 is affected
  • Version MT6765 is affected
  • Version MT6768 is affected
  • Version MT6781 is affected
  • Version MT6789 is affected
  • Version MT6833 is affected
  • Version MT6853 is affected
  • Version MT6855 is affected
  • Version MT6877 is affected
  • Version MT6883 is affected
  • Version MT6885 is affected
  • Version MT6889 is affected
  • Version MT6893 is affected
  • Version MT8695 is affected
  • Version MT8696 is affected
  • Version MT8765 is affected
  • Version MT8766 is affected
  • Version MT8766R is affected
  • Version MT8768 is affected
  • Version MT8781 is affected
  • Version MT8791 is affected

References

Problem Types

  • CWE-122 Heap Overflow CWE