Cyber Resilience

CVE-2026-20423

High

Published: 02 March 2026

Published
02 March 2026
Modified
03 March 2026
KEV Added
Patch
CVSS Score v3.1 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS Score 0.0002 3.7th percentile
Risk Priority 16 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2026-20423 is a high-severity Exposed Dangerous Method or Function (CWE-749) vulnerability in Mediatek Nbiot Sdk. Its CVSS base score is 7.8 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploitation for Privilege Escalation (T1068); ranked at the 3.7th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-2 (Flaw Remediation).

Deeper analysis

CVE-2026-20423 is a vulnerability in the wlan STA driver that enables an out-of-bounds write due to a missing bounds check. This issue, tracked as Issue ID MSV-4956 and addressed by Patch ID WCNCR00465314, affects MediaTek components and carries a CVSS v3.1 base score of 7.8 (AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H). It is associated with CWE-749 and CWE-787.

A local attacker with user execution privileges can exploit this vulnerability without requiring user interaction. Successful exploitation leads to escalation of privilege, potentially granting high-impact access to confidentiality, integrity, and availability of the affected system.

MediaTek's March 2026 Product Security Bulletin at https://corp.mediatek.com/product-security-bulletin/March-2026 provides details on mitigation, including the referenced patch WCNCR00465314. Security practitioners should apply vendor patches promptly to affected devices.

EU & UK References

Vulnerability details

In wlan STA driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation. Patch ID:…

more

WCNCR00465314; Issue ID: MSV-4956.

CWE(s)

Related Threats

MITRE ATT&CK Enterprise TechniquesAI

T1068 Exploitation for Privilege Escalation Privilege Escalation
Adversaries may exploit software vulnerabilities in an attempt to elevate privileges.
Why these techniques?

Local out-of-bounds write in wlan driver directly enables privilege escalation from user to high privileges (T1068).

Confidence: HIGH · MITRE ATT&CK Enterprise v18.1

CVEs Like This One

CVE-2026-20407Same product: Mediatek Mt7902
CVE-2026-20432Same vendor: Mediatek
CVE-2025-20727Same vendor: Mediatek
CVE-2025-20631Same vendor: Mediatek
CVE-2025-20708Same vendor: Mediatek
CVE-2025-20632Same vendor: Mediatek
CVE-2026-20434Same vendor: Mediatek
CVE-2026-20433Same vendor: Mediatek
CVE-2025-20646Same vendor: Mediatek
CVE-2025-20800Same vendor: Mediatek

Affected Assets

mediatek
nbiot sdk
≤ 3.8

Mitigating Controls

Mitigating Controls (NIST 800-53 r5) AI

preventrecover

Directly mandates timely identification, reporting, and patching of the out-of-bounds write flaw in the wlan STA driver as specified by Patch ID WCNCR00465314.

prevent

Requires validation and bounds checking of inputs to the wlan STA driver to prevent the missing bounds check that enables the out-of-bounds write.

prevent

Implements memory protections such as address space randomization and non-executable memory to mitigate exploitation of the out-of-bounds write for privilege escalation.

References