Nbiot Sdk
CVE-2026-20423
HIGH
Severity by source
AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Lifecycle Timeline
2DescriptionCVE.org
In wlan STA driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00465314; Issue ID: MSV-4956.
AnalysisAI
Nbiot Sdk contains a vulnerability that allows attackers to local escalation of privilege with User execution privileges needed (CVSS 7.8).
Technical ContextAI
affects Nbiot Sdk. In wlan STA driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00465314; Issue ID: MSV-4956.
RemediationAI
Monitor vendor advisories for a patch.
In Bluetooth driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local
In httpclient, there is a possible out of bounds write due to uninitialized data. Rated critical severity (CVSS 9.8), th
Out-of-bounds write in Android WLAN STA driver due to missing bounds check allows local privilege escalation to System w
The Nbiot SDK's wlan STA driver contains a buffer overflow vulnerability due to missing bounds checking that allows priv
An uncaught exception in WLAN AP/STA firmware for NBIoT SDK, OpenWrt, and related development kits enables adjacent netw
In Bluetooth driver, there is a possible system crash due to an uncaught exception. This could lead to local denial of s
In wlan STA driver, there is a possible system crash due to an uncaught exception. This could lead to local denial of se
In Bluetooth driver, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local d
Same weakness CWE-749 – Exposed Dangerous Method or Function
View allSame technique Privilege Escalation
View allShare
External POC / Exploit Code
Leaving vuln.today