Vulnerability Details CVE-2026-20456
In wlan STA driver, there is a possible system crash due to a missing bounds check. This could lead to local denial of service with User execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00480851; Issue ID: MSV-6338.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 2.5%
CVSS Severity
CVSS v3 Score 5.5
Products affected by CVE-2026-20456
-
cpe:2.3:h:mediatek:mt7902:-
-
cpe:2.3:h:mediatek:mt7920:-
-
cpe:2.3:h:mediatek:mt7921:-
-
cpe:2.3:h:mediatek:mt7922:-
-
cpe:2.3:h:mediatek:mt7925:-
-
cpe:2.3:h:mediatek:mt7927:-
-
cpe:2.3:o:mediatek:mt7902_firmware:-
-
cpe:2.3:o:mediatek:mt7920_firmware:-
-
cpe:2.3:o:mediatek:mt7921_firmware:-
-
cpe:2.3:o:mediatek:mt7922_firmware:-
-
cpe:2.3:o:mediatek:mt7925_firmware:-
-
cpe:2.3:o:mediatek:mt7927_firmware:-