← Back

CVE-2026-20414

nvd nist
Published: Feb 2, 2026Modified: Jun 17, 2026

JSON object

Loading...
6.7
Vector
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Exploitability: 0.8 / Impact: 5.9
Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0 (Secondary)

Description

In imgsys, there is a possible escalation of privilege due to use after free. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10362999; Issue ID: MSV-5625.

Affected (1)

Products: Google: Android
1 product
Android
Configuration A
1 vulnerable · 8 platform
Vulnerable SoftwareAffected Versions
Version 15.0
Running on/withPlatform Versions
Mediatek
Mt6897
All versions
Mediatek
Mt6989
All versions
Mediatek
Mt8196
All versions
Mediatek
Mt8678
All versions
Mediatek
Mt8766
All versions
Mediatek
Mt8768
All versions
Mediatek
Mt8786
All versions
Mediatek
Mt8796
All versions

References (1)

Source: security@mediatek.com
Vendor Advisory

Timeline

No history available yet.