Description
In geniezone, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10873936; Issue ID: MSV-6784.
Published: 2026-06-01
Score: 7.8 High
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

The vulnerability is an out‑of‑bounds write in MediaTek’s geniezone component where a missing bounds check could corrupt adjacent memory. An attacker who already has system privilege could exploit this to overwrite critical data, leading to local privilege escalation. The weakness corresponds to CWE‑787.

Affected Systems

Affected hardware is any MediaTek chipset that includes the geniezone firmware, as identified by MediaTek’s product security bulletin for June 2026. No specific versions were enumerated, so all current releases that contain the vulnerable implementation are potentially impacted.

Risk and Exploitability

The vulnerability does not require user interaction and can be triggered locally. The CVSS score of 7.8 classifies it as a high‑severity threat. EPSS data is not available, so the exploitation likelihood cannot be quantified. The issue is not listed in the CISA KEV catalog, so there are no known public exploits. However, because it allows local privilege escalation, any device where an attacker already has system‑level access could leverage it to gain full control.

Generated by OpenCVE AI on June 1, 2026 at 13:21 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Apply MediaTek patch ALPS10873936 identified in their bulletin.
  • Reboot the device after patching to clear any corrupted memory.
  • If patch is unavailable, upgrade to the latest chipset firmware that incorporates the fix.
  • As a temporary measure, restrict or disable geniezone functionality if possible to prevent the exploit from being reached.

Generated by OpenCVE AI on June 1, 2026 at 13:21 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Mon, 01 Jun 2026 18:00:00 +0000

Type Values Removed Values Added
First Time appeared Mediatek
Mediatek mt6739
Mediatek mt6739 Firmware
Mediatek mt6761
Mediatek mt6761 Firmware
Mediatek mt6765
Mediatek mt6765 Firmware
Mediatek mt6768
Mediatek mt6768 Firmware
Mediatek mt6781
Mediatek mt6781 Firmware
Mediatek mt6789
Mediatek mt6789 Firmware
Mediatek mt6835
Mediatek mt6835 Firmware
Mediatek mt6853
Mediatek mt6853 Firmware
Mediatek mt6855
Mediatek mt6855 Firmware
Mediatek mt6877
Mediatek mt6877 Firmware
Mediatek mt6878
Mediatek mt6878 Firmware
Mediatek mt6879
Mediatek mt6879 Firmware
Mediatek mt6883
Mediatek mt6883 Firmware
Mediatek mt6885
Mediatek mt6885 Firmware
Mediatek mt6886
Mediatek mt6886 Firmware
Mediatek mt6889
Mediatek mt6889 Firmware
Mediatek mt6893
Mediatek mt6893 Firmware
Mediatek mt6895
Mediatek mt6895 Firmware
Mediatek mt6897
Mediatek mt6897 Firmware
Mediatek mt6899
Mediatek mt6899 Firmware
Mediatek mt6983
Mediatek mt6983 Firmware
Mediatek mt6985
Mediatek mt6985 Firmware
Mediatek mt6989
Mediatek mt6989 Firmware
Mediatek mt6991
Mediatek mt6991 Firmware
Mediatek mt8673
Mediatek mt8673 Firmware
Mediatek mt8765
Mediatek mt8765 Firmware
Mediatek mt8766
Mediatek mt8766 Firmware
Mediatek mt8768
Mediatek mt8768 Firmware
Mediatek mt8781
Mediatek mt8781 Firmware
Mediatek mt8786
Mediatek mt8786 Firmware
Mediatek mt8788
Mediatek mt8788 Firmware
Mediatek mt8791t
Mediatek mt8791t Firmware
Mediatek mt8793
Mediatek mt8793 Firmware
Mediatek mt8797
Mediatek mt8797 Firmware
Mediatek mt8798
Mediatek mt8798 Firmware
Mediatek mt8910
Mediatek mt8910 Firmware
CPEs cpe:2.3:h:mediatek:mt6739:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6761:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6765:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6768:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6781:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6789:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6835:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6855:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6878:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6883:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6886:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6889:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6897:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6899:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6983:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6985:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6989:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6991:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt8673:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt8765:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt8766:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt8768:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt8781:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt8786:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt8791t:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt8793:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt8797:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt8798:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt8910:-:*:*:*:*:*:*:*
cpe:2.3:o:mediatek:mt6739_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:mediatek:mt6761_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:mediatek:mt6765_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:mediatek:mt6768_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:mediatek:mt6781_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:mediatek:mt6789_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:mediatek:mt6835_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:mediatek:mt6853_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:mediatek:mt6855_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:mediatek:mt6877_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:mediatek:mt6878_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:mediatek:mt6879_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:mediatek:mt6883_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:mediatek:mt6885_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:mediatek:mt6886_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:mediatek:mt6889_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:mediatek:mt6893_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:mediatek:mt6895_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:mediatek:mt6897_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:mediatek:mt6899_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:mediatek:mt6983_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:mediatek:mt6985_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:mediatek:mt6989_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:mediatek:mt6991_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:mediatek:mt8673_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:mediatek:mt8765_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:mediatek:mt8766_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:mediatek:mt8768_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:mediatek:mt8781_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:mediatek:mt8786_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:mediatek:mt8788_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:mediatek:mt8791t_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:mediatek:mt8793_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:mediatek:mt8797_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:mediatek:mt8798_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:mediatek:mt8910_firmware:-:*:*:*:*:*:*:*
Vendors & Products Mediatek
Mediatek mt6739
Mediatek mt6739 Firmware
Mediatek mt6761
Mediatek mt6761 Firmware
Mediatek mt6765
Mediatek mt6765 Firmware
Mediatek mt6768
Mediatek mt6768 Firmware
Mediatek mt6781
Mediatek mt6781 Firmware
Mediatek mt6789
Mediatek mt6789 Firmware
Mediatek mt6835
Mediatek mt6835 Firmware
Mediatek mt6853
Mediatek mt6853 Firmware
Mediatek mt6855
Mediatek mt6855 Firmware
Mediatek mt6877
Mediatek mt6877 Firmware
Mediatek mt6878
Mediatek mt6878 Firmware
Mediatek mt6879
Mediatek mt6879 Firmware
Mediatek mt6883
Mediatek mt6883 Firmware
Mediatek mt6885
Mediatek mt6885 Firmware
Mediatek mt6886
Mediatek mt6886 Firmware
Mediatek mt6889
Mediatek mt6889 Firmware
Mediatek mt6893
Mediatek mt6893 Firmware
Mediatek mt6895
Mediatek mt6895 Firmware
Mediatek mt6897
Mediatek mt6897 Firmware
Mediatek mt6899
Mediatek mt6899 Firmware
Mediatek mt6983
Mediatek mt6983 Firmware
Mediatek mt6985
Mediatek mt6985 Firmware
Mediatek mt6989
Mediatek mt6989 Firmware
Mediatek mt6991
Mediatek mt6991 Firmware
Mediatek mt8673
Mediatek mt8673 Firmware
Mediatek mt8765
Mediatek mt8765 Firmware
Mediatek mt8766
Mediatek mt8766 Firmware
Mediatek mt8768
Mediatek mt8768 Firmware
Mediatek mt8781
Mediatek mt8781 Firmware
Mediatek mt8786
Mediatek mt8786 Firmware
Mediatek mt8788
Mediatek mt8788 Firmware
Mediatek mt8791t
Mediatek mt8791t Firmware
Mediatek mt8793
Mediatek mt8793 Firmware
Mediatek mt8797
Mediatek mt8797 Firmware
Mediatek mt8798
Mediatek mt8798 Firmware
Mediatek mt8910
Mediatek mt8910 Firmware

Mon, 01 Jun 2026 13:30:00 +0000

Type Values Removed Values Added
Title Out of Bounds Write in MediaTek Geniezone Allows Local Privilege Escalation

Mon, 01 Jun 2026 11:30:00 +0000

Type Values Removed Values Added
Metrics cvssV3_1

{'score': 7.8, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H'}

ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}

Mon, 01 Jun 2026 06:45:00 +0000

Type Values Removed Values Added
First Time appeared Mediatek, Inc.
Mediatek, Inc. mediatek Chipset
Vendors & Products Mediatek, Inc.
Mediatek, Inc. mediatek Chipset

Mon, 01 Jun 2026 05:45:00 +0000

Type Values Removed Values Added
Title Out of Bounds Write in MediaTek Geniezone Allows Local Privilege Escalation

Mon, 01 Jun 2026 04:00:00 +0000

Type Values Removed Values Added
Description In geniezone, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10873936; Issue ID: MSV-6784.
Weaknesses CWE-787
References

Subscriptions

Mediatek Mt6739 Mt6739 Firmware Mt6761 Mt6761 Firmware Mt6765 Mt6765 Firmware Mt6768 Mt6768 Firmware Mt6781 Mt6781 Firmware Mt6789 Mt6789 Firmware Mt6835 Mt6835 Firmware Mt6853 Mt6853 Firmware Mt6855 Mt6855 Firmware Mt6877 Mt6877 Firmware Mt6878 Mt6878 Firmware Mt6879 Mt6879 Firmware Mt6883 Mt6883 Firmware Mt6885 Mt6885 Firmware Mt6886 Mt6886 Firmware Mt6889 Mt6889 Firmware Mt6893 Mt6893 Firmware Mt6895 Mt6895 Firmware Mt6897 Mt6897 Firmware Mt6899 Mt6899 Firmware Mt6983 Mt6983 Firmware Mt6985 Mt6985 Firmware Mt6989 Mt6989 Firmware Mt6991 Mt6991 Firmware Mt8673 Mt8673 Firmware Mt8765 Mt8765 Firmware Mt8766 Mt8766 Firmware Mt8768 Mt8768 Firmware Mt8781 Mt8781 Firmware Mt8786 Mt8786 Firmware Mt8788 Mt8788 Firmware Mt8791t Mt8791t Firmware Mt8793 Mt8793 Firmware Mt8797 Mt8797 Firmware Mt8798 Mt8798 Firmware Mt8910 Mt8910 Firmware
Mediatek, Inc. Mediatek Chipset
cve-icon MITRE

Status: PUBLISHED

Assigner: MediaTek

Published:

Updated: 2026-06-02T03:55:41.765Z

Reserved: 2025-11-03T01:30:59.014Z

Link: CVE-2026-20455

cve-icon Vulnrichment

Updated: 2026-06-01T11:06:24.811Z

cve-icon NVD

Status : Analyzed

Published: 2026-06-01T04:16:22.163

Modified: 2026-06-01T17:56:37.953

Link: CVE-2026-20455

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-06-01T13:30:06Z

Weaknesses