Description
In display, there is a possible escalation of privilege due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10320471; Issue ID: MSV-5537.
Published: 2026-03-02
Score: 6.7 Medium
EPSS: < 1% Very Low
KEV: No
Impact: Local privilege escalation
Action: Immediate Patch
AI Analysis

Impact

A missing bounds check exists in the MediaTek display subsystem. When an attacker already holds System privilege on a device, exploiting this flaw can raise their privileges further, potentially enabling them to read or write sensitive memory and gain complete control of the device. The vulnerability does not require any user interaction and no remote or network‑based entry point is described.

Affected Systems

All MediaTek chipset variants listed in the CVE—MT6739, MT6761, MT6765, MT6768, MT6781, MT6789, MT6833, MT6835, MT6853, MT6855, MT6877, MT6878, MT6879, MT6883, MT6885, MT6886, MT6889, MT6893, MT6895, MT6897, MT6899, MT6983, MT6985, MT6989, MT6991, MT6993, MT8196, MT8678, MT8793—are affected. Devices that run Android 14.0, 15.0, or 16.0 firmware containing these chipsets are also impacted, as the display subsystem is embedded in the underlying firmware stack.

Risk and Exploitability

The CVSS score of 6.7 indicates medium severity, while the EPSS score of less than 1% suggests a low likelihood of exploitation in the wild. The vulnerability is not listed in the CISA KEV catalog. Exploitation requires that an attacker already possesses System privilege and the flaw is local; no remote or user‑interaction prerequisite is required, making an attack path from an external threat actor unlikely.

Generated by OpenCVE AI on April 16, 2026 at 14:38 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Apply the MediaTek firmware update that incorporates the ALPS10320471 patch to all affected devices.
  • Temporarily limit or quarantine local processes that have System privilege and interact with the display subsystem until the patch is applied.
  • Monitor device logs for abnormal memory access or privilege‑elevation events and contact vendor support if suspicious activity is observed.

Generated by OpenCVE AI on April 16, 2026 at 14:38 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Thu, 16 Apr 2026 15:00:00 +0000

Type Values Removed Values Added
Title Missing Bounds Check Enables Local Privilege Escalation in MediaTek Display Subsystem

Tue, 03 Mar 2026 13:15:00 +0000

Type Values Removed Values Added
First Time appeared Google
Google android
Mediatek
Mediatek mt6739
Mediatek mt6761
Mediatek mt6765
Mediatek mt6768
Mediatek mt6781
Mediatek mt6789
Mediatek mt6833
Mediatek mt6835
Mediatek mt6853
Mediatek mt6855
Mediatek mt6877
Mediatek mt6878
Mediatek mt6879
Mediatek mt6883
Mediatek mt6885
Mediatek mt6886
Mediatek mt6889
Mediatek mt6893
Mediatek mt6895
Mediatek mt6897
Mediatek mt6899
Mediatek mt6983
Mediatek mt6985
Mediatek mt6989
Mediatek mt6991
Mediatek mt6993
Mediatek mt8196
Mediatek mt8678
Mediatek mt8793
CPEs cpe:2.3:h:mediatek:mt6739:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6761:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6765:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6768:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6781:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6789:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6835:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6855:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6878:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6883:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6886:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6889:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6897:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6899:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6983:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6985:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6989:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6991:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6993:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt8196:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt8678:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt8793:-:*:*:*:*:*:*:*
cpe:2.3:o:google:android:14.0:*:*:*:*:*:*:*
cpe:2.3:o:google:android:15.0:*:*:*:*:*:*:*
cpe:2.3:o:google:android:16.0:-:*:*:*:*:*:*
Vendors & Products Google
Google android
Mediatek
Mediatek mt6739
Mediatek mt6761
Mediatek mt6765
Mediatek mt6768
Mediatek mt6781
Mediatek mt6789
Mediatek mt6833
Mediatek mt6835
Mediatek mt6853
Mediatek mt6855
Mediatek mt6877
Mediatek mt6878
Mediatek mt6879
Mediatek mt6883
Mediatek mt6885
Mediatek mt6886
Mediatek mt6889
Mediatek mt6893
Mediatek mt6895
Mediatek mt6897
Mediatek mt6899
Mediatek mt6983
Mediatek mt6985
Mediatek mt6989
Mediatek mt6991
Mediatek mt6993
Mediatek mt8196
Mediatek mt8678
Mediatek mt8793

Mon, 02 Mar 2026 14:15:00 +0000

Type Values Removed Values Added
Metrics cvssV3_1

{'score': 6.7, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H'}

ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}

Mon, 02 Mar 2026 09:00:00 +0000

Type Values Removed Values Added
Description In display, there is a possible escalation of privilege due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10320471; Issue ID: MSV-5537.
Weaknesses CWE-787
References
cve-icon MITRE

Status: PUBLISHED

Assigner: MediaTek

Published:

Updated: 2026-03-30T13:05:27.026Z

Reserved: 2025-11-03T01:30:59.010Z

Link: CVE-2026-20427

cve-icon Vulnrichment

Updated: 2026-03-02T13:43:52.794Z

cve-icon NVD

Status : Analyzed

Published: 2026-03-02T09:16:15.910

Modified: 2026-03-03T13:08:04.040

Link: CVE-2026-20427

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-04-16T14:45:25Z

Weaknesses