{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-20415", "assignerOrgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374", "state": "PUBLISHED", "assignerShortName": "MediaTek", "dateReserved": "2025-11-03T01:30:59.009Z", "datePublished": "2026-02-02T08:15:11.784Z", "dateUpdated": "2026-03-30T13:03:16.932Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374", "shortName": "MediaTek", "dateUpdated": "2026-03-30T13:03:16.932Z"}, "descriptions": [{"lang": "en", "value": "In imgsys, there is a possible memory corruption due to improper locking. This could lead to local denial of service if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10363254; Issue ID: MSV-5617."}], "affected": [{"vendor": "MediaTek, Inc.", "product": "MediaTek chipset", "defaultStatus": "unaffected", "versions": [{"version": "MT6897", "status": "affected"}, {"version": "MT6989", "status": "affected"}]}], "references": [{"url": "https://corp.mediatek.com/product-security-bulletin/February-2026"}], "problemTypes": [{"descriptions": [{"type": "CWE", "lang": "en", "cweId": "CWE-415", "description": "CWE-415 Double Free"}]}], "x_generator": {"engine": "cvelib 1.8.0"}}, "adp": [{"metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.5, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}}, {"other": {"type": "ssvc", "content": {"timestamp": "2026-02-02T20:58:00.535480Z", "id": "CVE-2026-20415", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-02-02T20:58:27.102Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.5, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2026-20415", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-02-02T20:58:00.535480Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-02-02T20:56:33.837Z"}}], "cna": {"affected": [{"vendor": "MediaTek, Inc.", "product": "MediaTek chipset", "versions": [{"status": "affected", "version": "MT6897"}, {"status": "affected", "version": "MT6989"}], "defaultStatus": "unaffected"}], "references": [{"url": "https://corp.mediatek.com/product-security-bulletin/February-2026"}], "x_generator": {"engine": "cvelib 1.8.0"}, "descriptions": [{"lang": "en", "value": "In imgsys, there is a possible memory corruption due to improper locking. This could lead to local denial of service if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10363254; Issue ID: MSV-5617."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-415", "description": "CWE-415 Double Free"}]}], "providerMetadata": {"orgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374", "shortName": "MediaTek", "dateUpdated": "2026-03-30T13:03:16.932Z"}}}, "cveMetadata": {"cveId": "CVE-2026-20415", "state": "PUBLISHED", "dateUpdated": "2026-03-30T13:03:16.932Z", "dateReserved": "2025-11-03T01:30:59.009Z", "assignerOrgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374", "datePublished": "2026-02-02T08:15:11.784Z", "assignerShortName": "MediaTek"}, "dataVersion": "5.2"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:google:android:15.0:*:*:*:*:*:*:*", "matchCriteriaId": "8538774C-906D-4B03-A3E7-FA7A55E0DA9E", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:mediatek:mt6897:-:*:*:*:*:*:*:*", "matchCriteriaId": "2A7D8055-F4B6-41EE-A078-11D56285AB66", "vulnerable": false}, {"criteria": "cpe:2.3:h:mediatek:mt6989:-:*:*:*:*:*:*:*", "matchCriteriaId": "AD7DE6B2-66D9-4A3E-B15F-D56505559255", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "cveTags": [], "descriptions": [{"lang": "en", "value": "In imgsys, there is a possible memory corruption due to improper locking. This could lead to local denial of service if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10363254; Issue ID: MSV-5617."}], "id": "CVE-2026-20415", "lastModified": "2026-02-03T21:53:59.340", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}, "published": "2026-02-02T09:15:56.590", "references": [{"source": "security@mediatek.com", "tags": ["Vendor Advisory"], "url": "https://corp.mediatek.com/product-security-bulletin/February-2026"}], "sourceIdentifier": "security@mediatek.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-415"}], "source": "security@mediatek.com", "type": "Secondary"}, {"description": [{"lang": "en", "value": "CWE-667"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}

{"analysis": {"en": {"generated_at": "2026-04-18T14:18:46.402835+00:00", "value": {"mitigation_remediation": ["Update the device firmware or OS to a version that includes Patch ID ALPS10363254 (Issue ID MSV\u20115617).", "Reboot the device after applying the patch to clear any corrupted internal state.", "If an immediate patch is unavailable, temporarily disable or restrict access to the imgSys component through vendor\u2011supplied configuration or system settings to prevent the exploit from being triggered."], "summary": {"action": "Apply Patch", "impact": "Local Denial of Service"}, "threat_synthesis": {"affected_systems": "The vulnerability affects MediaTek chipsets MT6897 and MT6989, and is relevant to devices running Android 15.0 that incorporate these chipsets.", "description_and_impact": "In the MediaTek imgsys component, improper locking (CWE\u2011667) and a potential double\u2011free (CWE\u2011415) can lead to a memory corruption condition that a local attacker with System privilege could exploit to cause a denial\u2011of\u2011service state. The flaw does not require user interaction and can be triggered by the corrupted internal state, rendering the system unresponsive until resolved.", "risk_and_exploitability": "The flaw scores a CVSS 5.5 score with a very low exploit probability (EPSS <\u20091%) and is not listed in CISA\u2019s KEV catalog. Exploitation requires local access with System privilege; an attacker must have already gained elevated rights, after which the flaw can be triggered without further user interaction. The likelihood of widespread exploitation remains low but the impact on affected devices is significant if the attacker succeeds."}}}}, "created": "2026-02-04T12:45:09.731549+00:00", "updated": "2026-04-18T14:30:02.936210+00:00", "vendors": ["mediatek", "mediatek$PRODUCT$mt6897", "mediatek$PRODUCT$mt6989"]}