CVE-2026-20440
EUVD-2026-916502.03.2026, 09:16
In MAE, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10431968; Issue ID: MSV-5824.Enginsight
Affected Products (NVD)
| Vendor | Product | Version |
|---|---|---|
| android | 15.0 |
𝑥
= Vulnerable software versions
Common Weakness Enumeration
- CWE-1285 - Improper Validation of Specified Index, Position, or Offset in InputThe product receives input that is expected to specify an index, position, or offset into an indexable resource such as a buffer or file, but it does not validate or incorrectly validates that the specified index/position/offset has the required properties.
- CWE-787 - Out-of-bounds WriteThe software writes data past the end, or before the beginning, of the intended buffer.