Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
7.8
Windows WLAN Driver Allows Unauthorized Access to System
CVE-2026-20423
Summary
A flaw in the Windows WLAN driver could allow an attacker with normal user privileges to gain elevated access to the system. This means an attacker could potentially take control of the system or access sensitive information. A patch is available to fix this issue, and it's recommended to apply it as soon as possible.
What to do
No fix is available yet. Check with your software vendor for updates.
Affected software
| Vendor | Product | Affected versions | Fix available |
|---|---|---|---|
| mediatek | nbiot_sdk | <= 3.8 | – |
Original title
In wlan STA driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with User execution privileges needed. User interaction i...
Original description
In wlan STA driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00465314; Issue ID: MSV-4956.
nvd CVSS3.1
7.8
Vulnerability type
CWE-749
CWE-787
Out-of-bounds Write
- https://corp.mediatek.com/product-security-bulletin/March-2026 Vendor Advisory
Published: 2 Mar 2026 · Updated: 13 Mar 2026 · First seen: 6 Mar 2026