CVE-2026-20446: In sec boot, there is a possible out of bounds write due to an integer overflow. This could lead to local denial of serv

Description

In sec boot, there is a possible out of bounds write due to an integer overflow. This could lead to local denial of service, if an attacker has physical access to the device, with User execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS09963054; Issue ID: MSV-3899.

Affected Products

Vendor	Product	Versions
mediatek	mediatek chipset	MT6813

References

https://corp.mediatek.com/product-security-bulletin/April-2026

Related News (1 articles)

Tier C

VulDB2h ago

CVE-2026-20446 | MediaTek MT6813 sec boot out-of-bounds write (MSV-3899 / ALPS09963054)

→ No new info (linked only)

CISA KEV❌ No

Actively exploited❌ No

Patch available

ALPS09963054

CWECWE-787

PublishedApr 7, 2026

Last enriched2h agov2

Trending Score31

Source articles2

Independent1

Info Completeness8/14

Missing: cvss, epss, kev, exploit, iocs, mitre_attack

Community Vote

0 upvotes0 downvotes

No votes yet

Related CVEs (5)

Version History

Last enriched 2h ago

v2Tier C2h ago

Updated severity to CRITICAL and corrected exploit availability to false.

severitypatchAvailable

via VulDB

v13h ago

Initial creation