CVE-2026-20446

MEDIUM

Mediatek, Inc. MediaTek Chipset < MT6813 - Denial of Service

Title source: rule

Description

In sec boot, there is a possible out of bounds write due to an integer overflow. This could lead to local denial of service, if an attacker has physical access to the device, with User execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS09963054; Issue ID: MSV-3899.

References (1)

https://corp.mediatek.com/product-security-bulletin/April-2026

Scores

CVSS v3 4.3

EPSS 0.0001

EPSS Percentile 0.4%

Attack Vector PHYSICAL

CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

Details

CWE

CWE-190 CWE-787

Status published

Products (2)

mediatek/mt6813_firmware

MediaTek, Inc./MediaTek chipset MT6813

Published Apr 07, 2026

Tracked Since Apr 07, 2026