Description
In MAE, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10431968; Issue ID: MSV-5824.
Published: 2026-03-02
Score: 6.7 Medium
EPSS: < 1% Very Low
KEV: No
Impact: Local privilege escalation
Action: Apply patch
AI Analysis

Impact

The vulnerability is an out‑of‑bounds write in the MediaTek MAE (Media Access Engine) due to a missing bounds check, which can allow a local attacker who already possesses System privileges to elevate their privileges further. This flaw is an example of a buffer overflow (CWE-1285) and an out‑of‑bounds write (CWE-787). The description states no user interaction is required, indicating that exploitation can occur on the local machine after initial local access has been achieved.

Affected Systems

MediaTek chipsets MT2718, MT6899, MT6991, MT8678, and MT8793, as well as devices running Android 15.0, are potentially affected. Specific version information is not provided.

Risk and Exploitability

The CVSS score of 6.7 indicates medium severity. The EPSS probability of less than 1% reflects a low likelihood of exploitation in the wild. The vulnerability is not listed in CISA's KEV catalog, further suggesting limited active exploitation. Attackers would need local System‑level access to exploit this flaw, making it a local privilege escalation vector; user interaction is not required.

Generated by OpenCVE AI on April 16, 2026 at 05:53 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Apply the MediaTek firmware patch ALPS10431968 to all devices using the MAE component.
  • Disable or limit the execution of the MAE service on devices that do not require it, reducing the potential impact surface.
  • Implement monitoring for unexpected changes in system privilege levels or unauthorized local privilege escalation attempts.

Generated by OpenCVE AI on April 16, 2026 at 05:53 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Thu, 16 Apr 2026 06:15:00 +0000

Type Values Removed Values Added
Title Possible Out‑of‑Bounds Write in MediaTek MAE Leading to Local Privilege Escalation

Tue, 03 Mar 2026 13:15:00 +0000

Type Values Removed Values Added
First Time appeared Google
Google android
Mediatek
Mediatek mt2718
Mediatek mt6899
Mediatek mt6991
Mediatek mt8678
Mediatek mt8793
Weaknesses CWE-787
CPEs cpe:2.3:h:mediatek:mt2718:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6899:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6991:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt8678:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt8793:-:*:*:*:*:*:*:*
cpe:2.3:o:google:android:15.0:*:*:*:*:*:*:*
Vendors & Products Google
Google android
Mediatek
Mediatek mt2718
Mediatek mt6899
Mediatek mt6991
Mediatek mt8678
Mediatek mt8793

Mon, 02 Mar 2026 14:15:00 +0000

Type Values Removed Values Added
Metrics cvssV3_1

{'score': 6.7, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H'}

ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}

Mon, 02 Mar 2026 09:00:00 +0000

Type Values Removed Values Added
Description In MAE, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10431968; Issue ID: MSV-5824.
Weaknesses CWE-1285
References

Subscriptions

Google Android
Mediatek Mt2718 Mt6899 Mt6991 Mt8678 Mt8793
cve-icon MITRE

Status: PUBLISHED

Assigner: MediaTek

Published:

Updated: 2026-03-30T13:05:52.663Z

Reserved: 2025-11-03T01:30:59.012Z

Link: CVE-2026-20440

cve-icon Vulnrichment

Updated: 2026-03-02T13:30:15.756Z

cve-icon NVD

Status : Analyzed

Published: 2026-03-02T09:16:17.307

Modified: 2026-03-03T13:03:52.427

Link: CVE-2026-20440

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-04-16T06:00:10Z

Weaknesses