System Crash Vulnerability in MediaTek Products
CVE-2026-20442

4.4MEDIUM

Key Information:

Vendor: MediaTek
Status: Mediatek Chipset
Vendor: CVE Published:; 2 March 2026

What is CVE-2026-20442?

This vulnerability in MediaTek's system software may allow a local denial of service through a use after free scenario, leading to a potential system crash. An attacker with system privileges can exploit this issue without any user interaction, putting users at risk. Immediate attention and patching are advised to mitigate the impact of this vulnerability. For more information, refer to the security bulletin from MediaTek.

Affected Version(s)

MediaTek chipset MT6739

MediaTek chipset MT6761

MediaTek chipset MT6765

References

https://corp.mediatek.com/product-security-bulletin/March...

CVSS V3.1

Score:

4.4

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Mar 2, 2026
Vulnerability Reserved
Nov 3, 2025

CVE-2026-20442 Data

JSON