CVE-2026-20452: CWE-122 Heap Overflow in MediaTek, Inc. MediaTek chipset
CVE-2026-20452 is a heap buffer overflow vulnerability in the wlan AP driver of MediaTek chipsets. It allows remote attackers in proximal or adjacent network positions to cause memory corruption that could lead to code execution with user-level privileges. Exploitation does not require user interaction. The vulnerability affects multiple MediaTek chipset models including MT6890, MT7615, MT7915, MT7916, MT7981, MT7986, MT7990, MT7992, and MT7993. The CVSS v3. 1 base score is 8. 0, indicating high severity. No official patch or remediation level has been confirmed yet, and no known exploits are reported in the wild.
AI Analysis
Technical Summary
This vulnerability (CVE-2026-20452) is a heap buffer overflow (CWE-122) in the wlan AP driver of various MediaTek chipsets. It can cause memory corruption that may enable remote code execution with user privileges. The attack vector requires adjacent or proximal network access but no user interaction. The affected chipset models are MT6890, MT7615, MT7915, MT7916, MT7981, MT7986, MT7990, MT7992, and MT7993. The CVSS 3.1 score is 8.0 (AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H), reflecting a high-impact vulnerability. The vendor has assigned a patch ID (WCNCR00480138) but no public patch or remediation details are currently available. The vulnerability is published and assigned by MediaTek but no exploits are known in the wild at this time.
Potential Impact
Successful exploitation can lead to remote code execution with user-level privileges on affected MediaTek chipsets via a heap buffer overflow in the wlan AP driver. This can result in full compromise of the affected device's user-space processes, including confidentiality, integrity, and availability impacts. The attack requires network proximity but no user interaction. No known exploits have been reported in the wild.
Mitigation Recommendations
Patch status is not yet confirmed — check the vendor advisory for current remediation guidance. The vendor has assigned a patch ID but no official patch or remediation level is publicly confirmed. Until a patch is available, limit network exposure of affected devices to trusted networks and monitor vendor communications for updates.
CVE-2026-20452: CWE-122 Heap Overflow in MediaTek, Inc. MediaTek chipset
Description
CVE-2026-20452 is a heap buffer overflow vulnerability in the wlan AP driver of MediaTek chipsets. It allows remote attackers in proximal or adjacent network positions to cause memory corruption that could lead to code execution with user-level privileges. Exploitation does not require user interaction. The vulnerability affects multiple MediaTek chipset models including MT6890, MT7615, MT7915, MT7916, MT7981, MT7986, MT7990, MT7992, and MT7993. The CVSS v3. 1 base score is 8. 0, indicating high severity. No official patch or remediation level has been confirmed yet, and no known exploits are reported in the wild.
CVSS v3.1
Score 8.0high
Weaknesses
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
This vulnerability (CVE-2026-20452) is a heap buffer overflow (CWE-122) in the wlan AP driver of various MediaTek chipsets. It can cause memory corruption that may enable remote code execution with user privileges. The attack vector requires adjacent or proximal network access but no user interaction. The affected chipset models are MT6890, MT7615, MT7915, MT7916, MT7981, MT7986, MT7990, MT7992, and MT7993. The CVSS 3.1 score is 8.0 (AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H), reflecting a high-impact vulnerability. The vendor has assigned a patch ID (WCNCR00480138) but no public patch or remediation details are currently available. The vulnerability is published and assigned by MediaTek but no exploits are known in the wild at this time.
Potential Impact
Successful exploitation can lead to remote code execution with user-level privileges on affected MediaTek chipsets via a heap buffer overflow in the wlan AP driver. This can result in full compromise of the affected device's user-space processes, including confidentiality, integrity, and availability impacts. The attack requires network proximity but no user interaction. No known exploits have been reported in the wild.
Mitigation Recommendations
Patch status is not yet confirmed — check the vendor advisory for current remediation guidance. The vendor has assigned a patch ID but no official patch or remediation level is publicly confirmed. Until a patch is available, limit network exposure of affected devices to trusted networks and monitor vendor communications for updates.
Technical Details
- Data Version
- 5.2
- Assigner Short Name
- MediaTek
- Date Reserved
- 2025-11-03T01:30:59.013Z
- Cvss Version
- 3.1
- State
- PUBLISHED
- Remediation Level
- null
Threat ID: 6a1d8336e29bf47b50f6ae41
Added to database: 6/1/2026, 1:03:50 PM
Last enriched: 6/1/2026, 1:18:34 PM
Last updated: 6/1/2026, 6:06:15 PM
Views: 5
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
External Links
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.