Description
In imgsys, there is a possible escalation of privilege due to use after free. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10362999; Issue ID: MSV-5625.
Published: 2026-02-02
Score: 6.7 Medium
EPSS: < 1% Very Low
KEV: No
Impact: Privilege Escalation
Action: Apply Patch
AI Analysis

Impact

A use‑after‑free flaw in the MediaTek imgSys component can lead to local privilege escalation. The vulnerability lets an attacker who has already obtained System privileges gain higher privileges without user interaction. The CVE record does not provide details on the exact code paths or mechanisms.

Affected Systems

Affected devices are those built on MediaTek chipsets MT6897, MT6989, MT8196, MT8678, MT8766, MT8768, MT8786, MT8796, and devices running Android 15.0 that incorporate the current imgSys library. The vulnerability is present in all firmware revisions before the patch identified as ALPS10362999.

Risk and Exploitability

The flaw has a CVSS score of 6.7, indicating moderate severity, and an EPSS score of less than 1%, suggesting a low likelihood of exploitation in the wild. It is not listed in the CISA KEV catalog. An attacker with local system access could exploit the use‑after‑free to elevate privileges without user interaction.

Generated by OpenCVE AI on April 18, 2026 at 00:41 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Apply the vendor‑provided patch (ALPS10362999) to devices running affected firmware.
  • Update device firmware to the latest MediaTek releases that include the fix.
  • If the patch cannot be applied immediately, isolate the imgSys component or restrict its execution privileges to prevent the use‑after‑free exploit.

Generated by OpenCVE AI on April 18, 2026 at 00:41 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Sat, 18 Apr 2026 01:00:00 +0000

Type Values Removed Values Added
Title MediaTek imgSys Use‑After‑Free Allows Local Privilege Escalation

Tue, 03 Feb 2026 22:00:00 +0000

Type Values Removed Values Added
First Time appeared Google
Google android
Mediatek
Mediatek mt6897
Mediatek mt6989
Mediatek mt8196
Mediatek mt8678
Mediatek mt8766
Mediatek mt8768
Mediatek mt8786
Mediatek mt8796
CPEs cpe:2.3:h:mediatek:mt6897:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6989:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt8196:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt8678:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt8766:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt8768:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt8786:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt8796:-:*:*:*:*:*:*:*
cpe:2.3:o:google:android:15.0:*:*:*:*:*:*:*
Vendors & Products Google
Google android
Mediatek
Mediatek mt6897
Mediatek mt6989
Mediatek mt8196
Mediatek mt8678
Mediatek mt8766
Mediatek mt8768
Mediatek mt8786
Mediatek mt8796

Mon, 02 Feb 2026 14:15:00 +0000

Type Values Removed Values Added
Metrics cvssV3_1

{'score': 6.7, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H'}

ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}

Mon, 02 Feb 2026 08:30:00 +0000

Type Values Removed Values Added
Description In imgsys, there is a possible escalation of privilege due to use after free. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10362999; Issue ID: MSV-5625.
Weaknesses CWE-416
References

Subscriptions

Google Android
Mediatek Mt6897 Mt6989 Mt8196 Mt8678 Mt8766 Mt8768 Mt8786 Mt8796
cve-icon MITRE

Status: PUBLISHED

Assigner: MediaTek

Published:

Updated: 2026-03-30T13:03:14.355Z

Reserved: 2025-11-03T01:30:59.009Z

Link: CVE-2026-20414

cve-icon Vulnrichment

Updated: 2026-02-02T13:50:16.889Z

cve-icon NVD

Status : Analyzed

Published: 2026-02-02T09:15:56.457

Modified: 2026-02-03T21:54:32.993

Link: CVE-2026-20414

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-04-18T00:45:32Z

Weaknesses