ГлавнаяУязвимости → CVE-2026-20407
9.3критическая

CVE-2026-20407

Описание

In wlan STA driver, there is a possible escalation of privilege due to a missing bounds check. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00464377; Issue ID: MSV-4905.

Затрагиваемое ПО
Mediatek Nbiot sdkMediatek Mt7902Mediatek Mt7920Mediatek Mt7921Mediatek Mt7922Mediatek Mt7925Mediatek Mt7927
CVSS
Балл9.3 — критическая
ВекторCVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Источники
https://corp.mediatek.com/product-security-bulletin/February-2026