CVE-2026-20445 Google — Exploit & Vulnerability Details MEDIUM

Parameter	Value
CVSS	4.4 (MEDIUM)
Type	CWE-367 (Time-of-check Time-of-use (TOCTOU))
Vendor	Google
Public PoC	No

In MDDP, there is a possible system crash due to a race condition. This could lead to local denial of service if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation.

Patch ID: ALPS10289875; Issue ID: MSV-5184.

Attack Parameters

Attack Vector

Network

Can be exploited remotely

Attack Complexity

High

Difficult to exploit

Privileges Required

High

Admin privileges needed

User Interaction

None

No user interaction needed

Impact Assessment

Confidentiality

None

No data leak

Integrity

None

No data modification

Availability

High

Complete denial of service

CVSS Vector v3.1

Weakness Type (CWE)

CWE-367 Time-of-check Time-of-use (TOCTOU)

Vulnerable Products 26

Configuration	From (including)	Up to (excluding)
Google Android cpe:2.3:o:google:android:14.0:::::::*	—	—
Google Android cpe:2.3:o:google:android:15.0:::::::*	—	—
Google Android cpe:2.3:o:google:android:16.0:-::::::	—	—
Mediatek Mt6835 cpe:2.3:h:mediatek:mt6835:-:::::::*	—	—
Mediatek Mt6855 cpe:2.3:h:mediatek:mt6855:-:::::::*	—	—
Mediatek Mt6878 cpe:2.3:h:mediatek:mt6878:-:::::::*	—	—
Mediatek Mt6879 cpe:2.3:h:mediatek:mt6879:-:::::::*	—	—
Mediatek Mt6883 cpe:2.3:h:mediatek:mt6883:-:::::::*	—	—
Mediatek Mt6885 cpe:2.3:h:mediatek:mt6885:-:::::::*	—	—
Mediatek Mt6886 cpe:2.3:h:mediatek:mt6886:-:::::::*	—	—
Mediatek Mt6889 cpe:2.3:h:mediatek:mt6889:-:::::::*	—	—
Mediatek Mt6893 cpe:2.3:h:mediatek:mt6893:-:::::::*	—	—
Mediatek Mt6895 cpe:2.3:h:mediatek:mt6895:-:::::::*	—	—
Mediatek Mt6897 cpe:2.3:h:mediatek:mt6897:-:::::::*	—	—
Mediatek Mt6899 cpe:2.3:h:mediatek:mt6899:-:::::::*	—	—
Mediatek Mt6983 cpe:2.3:h:mediatek:mt6983:-:::::::*	—	—
Mediatek Mt6985 cpe:2.3:h:mediatek:mt6985:-:::::::*	—	—
Mediatek Mt6989 cpe:2.3:h:mediatek:mt6989:-:::::::*	—	—
Mediatek Mt6991 cpe:2.3:h:mediatek:mt6991:-:::::::*	—	—
Mediatek Mt6993 cpe:2.3:h:mediatek:mt6993:-:::::::*	—	—
Mediatek Mt8188 cpe:2.3:h:mediatek:mt8188:-:::::::*	—	—
Mediatek Mt8678 cpe:2.3:h:mediatek:mt8678:-:::::::*	—	—
Mediatek Mt8755 cpe:2.3:h:mediatek:mt8755:-:::::::*	—	—
Mediatek Mt8771 cpe:2.3:h:mediatek:mt8771:-:::::::*	—	—
Mediatek Mt8797 cpe:2.3:h:mediatek:mt8797:-:::::::*	—	—
Mediatek Mt8798 cpe:2.3:h:mediatek:mt8798:-:::::::*	—	—

References 1

https://corp.mediatek.com/product-security-bulletin/March-2026

security@mediatek.com

Share Post Share Share Share

Related Vulnerabilities

CVE-2026-6364

Google

6.5

CVE-2026-6363

Google

8.8

CVE-2026-6362

Google

6.3

CVE-2026-6361

Google

7.2

CVE-2026-6360

Google

8.8

Menu

CVE-2026-20445

Attack Parameters

Impact Assessment

CVSS Vector v3.1

Weakness Type (CWE)

Vulnerable Products 26

References 1

Related Vulnerabilities

CVE-2026-6364

CVE-2026-6363

CVE-2026-6362

CVE-2026-6361

CVE-2026-6360

CVE Details

Editor's Choice

Menu

CVE-2026-20445

Attack Parameters

Impact Assessment

CVSS Vector v3.1

Weakness Type (CWE)

Vulnerable Products 26

References 1

Related Vulnerabilities

CVE-2026-6364

CVE-2026-6363

CVE-2026-6362

CVE-2026-6361

CVE-2026-6360

CVE Details

Editor's Choice

Stay informed on cybersecurity