CVE-2026-20455

7.8 HIGH

In geniezone, there is a possible out of bounds write due to a missing bounds check

Published: 2026-06-01 · Last updated: 2026-06-01

Severity and scoring

CVSS: 7.8 HIGH
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CWE: CWE-787

Affected products

Vendor	Product
mediatek	mt6739_firmware, mt6761_firmware, mt6765_firmware

Description

In geniezone, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10873936; Issue ID: MSV-6784.

Source: NVD

References

[NVD]https://nvd.nist.gov/vuln/detail/CVE-2026-20455
[Vendor advisory]https://corp.mediatek.com/product-security-bulletin/June-2026

Related CVEs

Same vendor

CVE-2026-20456 — In wlan STA driver, there is a possible system crash due to a missing bounds check (5.5 MEDIUM)
CVE-2026-20454 — In geniezone, there is a possible out of bounds write due to a race condition (6.4 MEDIUM)
CVE-2026-20453 — In geniezone, there is a possible out of bounds write due to a missing bounds check (6.7 MEDIUM)
CVE-2026-20452 — In wlan AP driver, there is a possible memory corruption due to a heap buffer overflow (8.0 HIGH)

Same CWE

CVE-2026-8358 — LibreOffice Calc can import tracked changes from a spreadsheet document
CVE-2026-8357 — LibreOffice Calc compiles cell formulas when opening a spreadsheet
CVE-2026-8356 — LibreOffice can import presentations in the legacy binary PPT format
CVE-2026-6047 — LibreOffice can import documents in the OOXML format (DOCX)
CVE-2026-6045 — LibreOffice can import EMF+ graphics, which may be embedded in documents