CVE-2026-20423
EUVD-2026-915102.03.2026, 09:16
In wlan STA driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00465314; Issue ID: MSV-4956.Enginsight
Affected Products (NVD)
| Vendor | Product | Version |
|---|---|---|
| mediatek | nbiot_sdk | 𝑥 ≤ 3.8 |
𝑥
= Vulnerable software versions
Common Weakness Enumeration
- CWE-749 - Exposed Dangerous Method or FunctionThe software provides an Applications Programming Interface (API) or similar interface for interaction with external actors, but the interface includes a dangerous method or function that is not properly restricted.
- CWE-787 - Out-of-bounds WriteThe software writes data past the end, or before the beginning, of the intended buffer.