CVE-2026-20453
6.7 MEDIUMIn geniezone, there is a possible out of bounds write due to a missing bounds check
Published: 2026-06-01 · Last updated: 2026-06-01
Severity and scoring
- CVSS
- 6.7 MEDIUM
- Vector
- CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
- CWE
- CWE-787
Affected products
| Vendor | Product |
|---|---|
| mediatek | mt6739_firmware, mt6761_firmware, mt6765_firmware |
Description
In geniezone, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10886526; Issue ID: MSV-6791.
Source: NVD
References
Related CVEs
Same vendor
- CVE-2026-20456 — In wlan STA driver, there is a possible system crash due to a missing bounds check (5.5 MEDIUM)
- CVE-2026-20455 — In geniezone, there is a possible out of bounds write due to a missing bounds check (7.8 HIGH)
- CVE-2026-20454 — In geniezone, there is a possible out of bounds write due to a race condition (6.4 MEDIUM)
- CVE-2026-20452 — In wlan AP driver, there is a possible memory corruption due to a heap buffer overflow (8.0 HIGH)
Same CWE
- CVE-2026-54410 — nanoMODBUS through v1.23.0 contains an off-by-one buffer overflow in the recv_msg_header() function of the Modbus/TCP server that allows ... (8.6 HIGH)
- CVE-2026-6676 — Heap buffer out-of-bounds write vulnerability in Avira Antivirus engine when scanning a malformed POSIX tar archive may allow Local Execu... (7.8 HIGH)
- CVE-2025-14098 — Heap buffer out-of-bounds write vulnerability due to integer overflow in Avira Antivirus engine when scanning a malformed MS-DOS executab... (7.8 HIGH)
- CVE-2026-41157 — A web page that contains unusual WebGPU content loaded into the GPU GLES render process and can trigger an out-of-bound write in the GPU ...
- CVE-2026-34195 — Software installed and run as a non-privileged user may conduct intentional GPU sparse memory API calls to cause out of bounds write in t...