In geniezone, there is a possible out of bounds write due to a race condition. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10873936; Issue ID: MSV-6786.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

No EPSS score available.

Key SSVC decision points have not yet been added.

Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).

Vendor Product Default status Versions
MediaTek, Inc. MediaTek chipset unaffected
Version Status Constraints
MT6739 affected
MT6761 affected
MT6765 affected
MT6768 affected
MT6781 affected
MT6789 affected
MT6835 affected
MT6853 affected
MT6855 affected
MT6877 affected
MT6878 affected
MT6879 affected
MT6883 affected
MT6885 affected
MT6886 affected
MT6889 affected
MT6893 affected
MT6895 affected
MT6897 affected
MT6899 affected
MT6983 affected
MT6985 affected
MT6989 affected
MT6991 affected
MT8673 affected
MT8765 affected
MT8766 affected
MT8768 affected
MT8781 affected
MT8786 affected
MT8788 affected
MT8791T affected
MT8793 affected
MT8797 affected
MT8798 affected
MT8910 affected

No data.

No data.

OpenCVE Enrichment is a feature of OpenCVE that uses AI to automatically link vendors and products to CVEs. Learn more on GitHub.

No data.

Project Subscriptions

No data.

Advisories

No advisories yet.

Fixes

Solution

No solution given by the vendor.

Workaround

No workaround given by the vendor.

References
Link Providers
https://corp.mediatek.com/product-security-bulletin/June-2026 cve-icon cve-icon
History

Mon, 01 Jun 2026 05:45:00 +0000

Type Values Removed Values Added
Title Local Privilege Escalation Through Race Condition in MediaTek Geniezone

Mon, 01 Jun 2026 04:00:00 +0000

Type Values Removed Values Added
Description In geniezone, there is a possible out of bounds write due to a race condition. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10873936; Issue ID: MSV-6786.
Weaknesses CWE-367
References

Projects

Sign in to view the affected projects.

cve-icon MITRE

Status: PUBLISHED

Assigner: MediaTek

Published:

Updated: 2026-06-01T03:20:11.445Z

Reserved: 2025-11-03T01:30:59.014Z

Link: CVE-2026-20454

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Received

Published: 2026-06-01T04:16:22.033

Modified: 2026-06-01T04:16:22.033

Link: CVE-2026-20454

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-06-01T05:30:20Z

Weaknesses