Severity by source
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Primary rating from Vendor (SamsungMobile).
CVSS VectorNVD
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Lifecycle Timeline
3DescriptionCVE.org
Improper access control in MediaTek Audio HAL prior to SMR Jun-2026 Release 1 allows local attackers to trigger privileged functions.
AnalysisAI
Improper access control in the MediaTek Audio HAL on Samsung Mobile Devices running Android 14, 15, and 16 permits local unprivileged attackers to invoke restricted privileged functions within the audio subsystem. The CVSS 4.0 subsequent system impact is rated High across confidentiality, integrity, and availability (SC:H/SI:H/SA:H), indicating that successful exploitation can cascade well beyond the Audio HAL itself to compromise broader device system components. No public exploit identified at time of analysis; Samsung has released a fix in SMR Jun-2026 Release 1.
Technical ContextAI
The MediaTek Audio HAL (Hardware Abstraction Layer) is a privileged Android system component on Samsung devices with MediaTek SoCs that mediates between the Android audio framework and hardware-level audio drivers, operating with elevated system trust. The vulnerability arises from missing or insufficient access control enforcement within this HAL, allowing callers without elevated privileges (consistent with CWE-284 Improper Access Control, though no CWE is formally assigned) to invoke functions that should be gated to trusted system processes. The CVSS 4.0 vector AV:L/AC:L/AT:N/PR:N/UI:N reflects that while execution is local, no privilege or configuration prerequisites are required to reach the vulnerable interface. The high subsequent system impact scores (SC:H/SI:H/SA:H) indicate that the Audio HAL's privileged context provides a foothold into components beyond its own scope. Affected CPE: cpe:2.3:a:samsung_mobile:samsung_mobile_devices:*:*:*:*:*:*:*:*.
RemediationAI
Apply the Samsung Monthly Security Release SMR Jun-2026 Release 1, which patches this vulnerability across Android 14, 15, and 16 on affected Samsung Mobile Devices with MediaTek chipsets. The official advisory and update details are published at https://security.samsungmobile.com/securityUpdate.smsb?year=2026&month=06. For enterprise environments managing Samsung devices via MDM, enforcing application allowlisting or disabling sideloading of untrusted APKs can reduce the attack surface as a compensating control prior to patching, since exploitation requires local code execution - this constrains the threat to physical access or pre-approved application vectors, though it does not remediate the underlying flaw. No additional vendor-specified workarounds are documented in available data.
WiMAX routers based on the MediaTek SDK (libmtk) that use a custom httpd plugin are vulnerable to an authentication bypa
The MediaTek Embedded Multimedia Card (eMMC) subsystem for Android on MT65xx, MT66xx, and MT8163 SoC devices allows atta
The MT6573FDVT_SetRegHW function in camera_fdvt.c in the MediaTek driver for Linux allows local users to gain privileges
MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle the WPS (Wi-Fi Protected
MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle IEEE 1905 protocols. Rat
MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle IEEE 1905 protocols. Rat
MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle IEEE 1905 protocols. Rat
MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle IEEE 1905 protocols. Rat
MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle IEEE 1905 protocols. Rat
MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle the WPS (Wi-Fi Protected
MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle the WPS (Wi-Fi Protected
MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle the WPS (Wi-Fi Protected
Same technique Information Disclosure
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-34802
GHSA-v3x7-4j5m-jrm2