Description
In display, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10320471; Issue ID: MSV-5540.
Published: 2026-03-02
Score: 4.4 Medium
EPSS: < 1% Very Low
KEV: No
Impact: Local Information Disclosure
Action: Patch
AI Analysis

Impact

A missing bounds check in the display component of certain MediaTek chipsets allows an out‑of‑bounds read that can reveal sensitive data on the device. The vulnerability is an Out‑of‑Bounds Read (CWE‑125) where an attacker with system‑level privileges can obtain memory contents that the software normally protects.

Affected Systems

The issue affects several MediaTek series chipsets, including MT6991, MT6993, MT8196, MT8678, and MT8793. Devices running Android 15.0 and Android 16.0 that incorporate these chipsets are also impacted. The vendor has released a patch identified as ALPS10320471 to address the flaw.

Risk and Exploitability

The CVSS base score of 4.4 rates the severity as moderate, and the EPSS score is below 1%, indicating very low current exploitation likelihood. The vulnerability is not listed in the CISA KEV catalog. Exploitation requires local system privileges and does not need user interaction, so the risk is confined to privileged attackers within the device.

Generated by OpenCVE AI on April 16, 2026 at 14:35 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Apply the MediaTek patch ALPS10320471 to all affected chipsets.
  • Update the Android operating system to the latest patch level that includes the chipset fix.
  • If no patch is available, ensure firmware and drivers are upgraded to the vendor‑supplied secure versions.

Generated by OpenCVE AI on April 16, 2026 at 14:35 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Thu, 16 Apr 2026 15:00:00 +0000

Type Values Removed Values Added
Title Out‑of‑Bounds Read Leading to Local Information Disclosure on MediaTek Chipsets

Tue, 03 Mar 2026 13:15:00 +0000

Type Values Removed Values Added
First Time appeared Google
Google android
Mediatek
Mediatek mt6991
Mediatek mt6993
Mediatek mt8196
Mediatek mt8678
Mediatek mt8793
CPEs cpe:2.3:h:mediatek:mt6991:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6993:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt8196:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt8678:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt8793:-:*:*:*:*:*:*:*
cpe:2.3:o:google:android:15.0:*:*:*:*:*:*:*
cpe:2.3:o:google:android:16.0:-:*:*:*:*:*:*
Vendors & Products Google
Google android
Mediatek
Mediatek mt6991
Mediatek mt6993
Mediatek mt8196
Mediatek mt8678
Mediatek mt8793

Mon, 02 Mar 2026 14:15:00 +0000

Type Values Removed Values Added
Metrics cvssV3_1

{'score': 4.4, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N'}

ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Mon, 02 Mar 2026 09:00:00 +0000

Type Values Removed Values Added
Description In display, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10320471; Issue ID: MSV-5540.
Weaknesses CWE-125
References

Subscriptions

Google Android
Mediatek Mt6991 Mt6993 Mt8196 Mt8678 Mt8793
cve-icon MITRE

Status: PUBLISHED

Assigner: MediaTek

Published:

Updated: 2026-03-30T13:06:09.623Z

Reserved: 2025-11-03T01:30:59.010Z

Link: CVE-2026-20424

cve-icon Vulnrichment

Updated: 2026-03-02T13:57:27.242Z

cve-icon NVD

Status : Analyzed

Published: 2026-03-02T09:16:15.493

Modified: 2026-03-03T13:11:04.677

Link: CVE-2026-20424

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-04-16T14:45:25Z

Weaknesses