Description
In geniezone, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10886526; Issue ID: MSV-6791.
Published: 2026-06-01
Score: 6.7 Medium
EPSS: n/a
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

A missing bounds check in the MediaTek "geniezone" component can cause an out‑of‑bounds write. If an attacker already possesses System privileges on the device, this flaw can be triggered without any additional user interaction, turning a local user into a privileged process. The consequence is the potential compromise of data integrity and confidentiality, or the ability to further exploit the system after gaining higher privileges. The weakness corresponds to CWE‑787, an out‑of‑bounds write bug.

Affected Systems

The vulnerability affects devices that run the MediaTek chipset with the geniezone subsystem. No specific firmware or hardware version is listed, implying that all exposed geniezone implementations on MediaTek chipsets are potentially impacted until a patch is applied.

Risk and Exploitability

Because exploitation requires only local System privileges and no user action, the attack vector is local. The CVSS severity is not provided, so concrete numeric risk cannot be calculated, but out‑of‑bounds writes are traditionally considered high‑severity due to the ease of privilege escalation. There is no EPSS score available, and the vulnerability is not listed in the CISA KEV catalog, yet the potential impact justifies prompt remediation.

Generated by OpenCVE AI on June 1, 2026 at 05:52 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Apply the MediaTek security update identified by patch ALPS10886526 (Issue ID MSV‑6791).
  • Reboot the device after installing the patch to ensure updated code is active.
  • Restrict or disable direct access to the geniezone subsystem until the patch is applied or an additional mitigation measure is implemented.

Generated by OpenCVE AI on June 1, 2026 at 05:52 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Mon, 01 Jun 2026 11:30:00 +0000

Type Values Removed Values Added
Metrics cvssV3_1

{'score': 6.7, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H'}

ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}

Mon, 01 Jun 2026 07:15:00 +0000

Type Values Removed Values Added
First Time appeared Mediatek, Inc.
Mediatek, Inc. mediatek Chipset
Vendors & Products Mediatek, Inc.
Mediatek, Inc. mediatek Chipset

Mon, 01 Jun 2026 06:15:00 +0000

Type Values Removed Values Added
Title Out‑of‑Bounds Write in MediaTek GenieZone Enables Local Privilege Escalation

Mon, 01 Jun 2026 04:00:00 +0000

Type Values Removed Values Added
Description In geniezone, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10886526; Issue ID: MSV-6791.
Weaknesses CWE-787
References

Subscriptions

Mediatek, Inc. Mediatek Chipset
cve-icon MITRE

Status: PUBLISHED

Assigner: MediaTek

Published:

Updated: 2026-06-01T03:20:09.951Z

Reserved: 2025-11-03T01:30:59.013Z

Link: CVE-2026-20453

cve-icon Vulnrichment

Updated: 2026-06-01T11:02:46.851Z

cve-icon NVD

Status : Received

Published: 2026-06-01T04:16:21.900

Modified: 2026-06-01T04:16:21.900

Link: CVE-2026-20453

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-06-01T07:00:10Z

Weaknesses