Vulnerability Details CVE-2026-20452
In wlan AP driver, there is a possible memory corruption due to a heap buffer overflow. This could lead to remote (proximal/adjacent) code execution with User execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00480138; Issue ID: MSV-6295.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 6.2%
CVSS Severity
CVSS v3 Score 8.0
Products affected by CVE-2026-20452
-
cpe:2.3:h:mediatek:mt6890:-
-
cpe:2.3:h:mediatek:mt7615:-
-
cpe:2.3:h:mediatek:mt7915:-
-
cpe:2.3:h:mediatek:mt7916:-
-
cpe:2.3:h:mediatek:mt7981:-
-
cpe:2.3:h:mediatek:mt7986:-
-
cpe:2.3:h:mediatek:mt7990:-
-
cpe:2.3:h:mediatek:mt7992:-
-
cpe:2.3:h:mediatek:mt7993:-
-
cpe:2.3:o:mediatek:mt6890_firmware:-
-
cpe:2.3:o:mediatek:mt7615_firmware:-
-
cpe:2.3:o:mediatek:mt7915_firmware:-
-
cpe:2.3:o:mediatek:mt7916_firmware:-
-
cpe:2.3:o:mediatek:mt7981_firmware:-
-
cpe:2.3:o:mediatek:mt7986_firmware:-
-
cpe:2.3:o:mediatek:mt7990_firmware:-
-
cpe:2.3:o:mediatek:mt7992_firmware:-
-
cpe:2.3:o:mediatek:mt7993_firmware:-