Out of Bounds Write Vulnerability in Mediatek Sec Boot
CVE-2026-20446

Currently unrated

Key Information:

Vendor: MediaTek
Status: Mediatek Chipset
Vendor: CVE Published:; 7 April 2026

What is CVE-2026-20446?

The vulnerability in Mediatek's sec boot involves a possible out of bounds write caused by an integer overflow during the boot process. If an attacker gains physical access to the device, they can exploit this vulnerability to cause a local denial of service. User execution privileges are required for exploitation, meaning that no additional user interaction is necessary for the attack to be carried out. For more details, refer to the Mediatek product security bulletin.

Affected Version(s)

MediaTek chipset MT6813

References

https://corp.mediatek.com/product-security-bulletin/April...

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Apr 7, 2026
Vulnerability Reserved
Nov 3, 2025

CVE-2026-20446 Data

JSON