Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
6.7
Windows WLAN Driver Privilege Escalation Risk
CVE-2026-20436
Summary
A flaw in the Windows WLAN driver can allow an attacker with system access to gain even more power on the affected computer. This could lead to unauthorized changes or data theft. To fix this, update the driver with the latest patch.
What to do
No fix is available yet. Check with your software vendor for updates.
Affected software
| Vendor | Product | Affected versions | Fix available |
|---|---|---|---|
| mediatek | nbiot_sdk | <= 3.8 | – |
Original title
In wlan STA driver, there is a possible escalation of privilege due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System ...
Original description
In wlan STA driver, there is a possible escalation of privilege due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: WCNCR00473802; Issue ID: MSV-5970.
nvd CVSS3.1
6.7
Vulnerability type
CWE-120
Classic Buffer Overflow
- https://corp.mediatek.com/product-security-bulletin/March-2026 Vendor Advisory
Published: 2 Mar 2026 · Updated: 13 Mar 2026 · First seen: 6 Mar 2026