CVE-2026-20456

{"id": "CVE-2026-20456", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.5, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 1.8}]}, "published": "2026-06-01T04:16:22.283", "references": [{"url": "https://corp.mediatek.com/product-security-bulletin/June-2026", "tags": ["Vendor Advisory"], "source": "security@mediatek.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Secondary", "source": "security@mediatek.com", "description": [{"lang": "en", "value": "CWE-787"}]}], "descriptions": [{"lang": "en", "value": "In wlan STA driver, there is a possible system crash due to a missing bounds check. This could lead to local denial of service with User execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00480851; Issue ID: MSV-6338."}], "lastModified": "2026-06-01T17:54:59.503", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:mediatek:mt7902_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C88EAF30-A899-478B-BF4A-9DC61E1177B4"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:mediatek:mt7902:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "91DEA745-47A8-43F1-A1B2-F53F651A99EF"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:mediatek:mt7920_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DB438952-6B4D-454A-AC2C-0FFA759FAAF1"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:mediatek:mt7920:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "140DAC08-96E9-47D3-BC2E-65E999DCFD50"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:mediatek:mt7921_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FDF9ABD6-2AEF-43FF-A3B9-C4AF11E7C4CC"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:mediatek:mt7921:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "32AFEA0A-FFE2-4EA9-8B51-7E3E75DE65CC"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:mediatek:mt7922_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FC8D3E58-DC77-4EF8-94F5-D7C12E4CE1C1"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:mediatek:mt7922:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "EA2A6813-7138-441E-A9E4-FF62FCBD797A"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:mediatek:mt7925_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "47E74656-3DD4-4A34-8E81-77CB5E4AB253"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:mediatek:mt7925:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "27CFC9DF-2F4C-469A-8A19-A260B1134CFE"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:mediatek:mt7927_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D8B57DE7-C20E-46DE-889A-41CC10059C72"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:mediatek:mt7927:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "05525018-AFE0-415C-A71C-A77922C7D637"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "security@mediatek.com"}