Privilege Escalation Vulnerability in MediaTek's cameraisp Product
CVE-2026-20411

7.8HIGH

Key Information:

Vendor: MediaTek
Status: Mediatek Chipset
Vendor: CVE Published:; 2 February 2026

What is CVE-2026-20411?

In MediaTek's cameraisp, a vulnerability allows for privilege escalation due to a use-after-free error. This issue can lead to a local denial of service, especially if the attacker has already acquired system privileges. Exploitation does not require user interaction, making it a critical concern for security. Affected users are encouraged to apply the patch identified by ALPS10351676 to mitigate the risks associated with this vulnerability.

Affected Version(s)

MediaTek chipset MT6878

MediaTek chipset MT6879

MediaTek chipset MT6881

References

https://corp.mediatek.com/product-security-bulletin/Febru...

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Feb 2, 2026
Vulnerability Reserved
Nov 3, 2025

CVE-2026-20411 Data

JSON