Strix
26.1K

CVE-2026-20451

MEDIUMCVSS 6.7/10EPSS 0.15%

Last modified

CVE-2026-20451 is a medium-severity vulnerability rated 6.7/10 on the CVSS scale. In slbc, there is a possible out of bounds write due to type confusion. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. EPSS estimates a 0.15% chance of exploitation in the next 30 days.

Description

In slbc, there is a possible out of bounds write due to type confusion. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10828685; Issue ID: MSV-6504.

Metrics

CVSS 3.1
6.7/10

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

EPSS Probability
0.15%

4.9th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

Affected Software

VendorProductVersions
MediatekMt8115 FirmwareAll versions
MediatekMt8186 FirmwareAll versions
MediatekMt8188 FirmwareAll versions
MediatekMt8196 FirmwareAll versions
MediatekMt8365 FirmwareAll versions
MediatekMt8367 FirmwareAll versions
MediatekMt8370 FirmwareAll versions
MediatekMt8371 FirmwareAll versions
MediatekMt8390 FirmwareAll versions
MediatekMt8391 FirmwareAll versions
MediatekMt8395 FirmwareAll versions
MediatekMt8676 FirmwareAll versions
MediatekMt8678 FirmwareAll versions
MediatekMt8766 FirmwareAll versions
MediatekMt8768 FirmwareAll versions
MediatekMt8775 FirmwareAll versions
MediatekMt8781 FirmwareAll versions
MediatekMt8786 FirmwareAll versions
MediatekMt8788e FirmwareAll versions
MediatekMt8791t FirmwareAll versions
MediatekMt8792 FirmwareAll versions
MediatekMt8793 FirmwareAll versions
MediatekMt8796 FirmwareAll versions
MediatekMt8873 FirmwareAll versions
MediatekMt8883 FirmwareAll versions
MediatekMt8893 FirmwareAll versions
MediatekMt8910 FirmwareAll versions
MediatekMt2718 FirmwareAll versions
MediatekMt6899 FirmwareAll versions
MediatekMt6985 FirmwareAll versions
MediatekMt6989 FirmwareAll versions
MediatekMt6991 FirmwareAll versions

References

Timeline

Published
Last Modified
Status
Analyzed

Frequently Asked Questions

What is CVE-2026-20451?
In slbc, there is a possible out of bounds write due to type confusion. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10828685; Issue ID: MSV-6504.
How severe is CVE-2026-20451?
CVE-2026-20451 has a CVSS score of 6.7/10 (MEDIUM severity). The EPSS model estimates a 0.15% probability of exploitation in the next 30 days.
How do I fix CVE-2026-20451?
Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2026-20451?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST