SecuriTricks - CVE-2026-20420

Description

In Modem, there is a possible system crash due to incorrect error handling. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01738313; Issue ID: MSV-5935.

Product(s) Impacted

Vendor	Product	Versions
Mediatek	Nr15 Nr16 Nr17 Nr17r Mt2735 Mt2737 Mt6813 Mt6815 Mt6833 Mt6835 Mt6853 Mt6855 Mt6858 Mt6873 Mt6875 Mt6877 Mt6878 Mt6879 Mt6880 Mt6883 Mt6885 Mt6886 Mt6889 Mt6890 Mt6891 Mt6893 Mt6895 Mt6896 Mt6897 Mt6899 Mt6980 Mt6983 Mt6985 Mt6986 Mt6989 Mt6990 Mt6991 Mt6993 Mt8676 Mt8791	- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Weaknesses

Common security weaknesses mapped to this vulnerability.

CWE-125

Out-of-bounds Read

The product reads data past the end, or before the beginning, of the intended buffer.

*CPE(s)

Affected systems and software identified for this CVE.

Type	Vendor	Product	Version	Update	Edition	Language	Software Edition	Target Software	Target Hardware	Other Information
o	mediatek	nr15	-	/	/	/	/	/	/	/
o	mediatek	nr16	-	/	/	/	/	/	/	/
o	mediatek	nr17	-	/	/	/	/	/	/	/
o	mediatek	nr17r	-	/	/	/	/	/	/	/
h	mediatek	mt2735	-	/	/	/	/	/	/	/
h	mediatek	mt2737	-	/	/	/	/	/	/	/
h	mediatek	mt6813	-	/	/	/	/	/	/	/
h	mediatek	mt6815	-	/	/	/	/	/	/	/
h	mediatek	mt6833	-	/	/	/	/	/	/	/
h	mediatek	mt6835	-	/	/	/	/	/	/	/
h	mediatek	mt6853	-	/	/	/	/	/	/	/
h	mediatek	mt6855	-	/	/	/	/	/	/	/
h	mediatek	mt6858	-	/	/	/	/	/	/	/
h	mediatek	mt6873	-	/	/	/	/	/	/	/
h	mediatek	mt6875	-	/	/	/	/	/	/	/
h	mediatek	mt6877	-	/	/	/	/	/	/	/
h	mediatek	mt6878	-	/	/	/	/	/	/	/
h	mediatek	mt6879	-	/	/	/	/	/	/	/
h	mediatek	mt6880	-	/	/	/	/	/	/	/
h	mediatek	mt6883	-	/	/	/	/	/	/	/
h	mediatek	mt6885	-	/	/	/	/	/	/	/
h	mediatek	mt6886	-	/	/	/	/	/	/	/
h	mediatek	mt6889	-	/	/	/	/	/	/	/
h	mediatek	mt6890	-	/	/	/	/	/	/	/
h	mediatek	mt6891	-	/	/	/	/	/	/	/
h	mediatek	mt6893	-	/	/	/	/	/	/	/
h	mediatek	mt6895	-	/	/	/	/	/	/	/
h	mediatek	mt6896	-	/	/	/	/	/	/	/
h	mediatek	mt6897	-	/	/	/	/	/	/	/
h	mediatek	mt6899	-	/	/	/	/	/	/	/
h	mediatek	mt6980	-	/	/	/	/	/	/	/
h	mediatek	mt6983	-	/	/	/	/	/	/	/
h	mediatek	mt6985	-	/	/	/	/	/	/	/
h	mediatek	mt6986	-	/	/	/	/	/	/	/
h	mediatek	mt6989	-	/	/	/	/	/	/	/
h	mediatek	mt6990	-	/	/	/	/	/	/	/
h	mediatek	mt6991	-	/	/	/	/	/	/	/
h	mediatek	mt6993	-	/	/	/	/	/	/	/
h	mediatek	mt8676	-	/	/	/	/	/	/	/
h	mediatek	mt8791	-	/	/	/	/	/	/	/

References

https://corp.mediatek.com/product-security-bulletin/February-2026

CVSS Score

7.5 / 10

CVSS Data - 3.1

Attack Vector: NETWORK
Attack Complexity: LOW
Privileges Required: NONE
Scope: UNCHANGED
Confidentiality Impact: NONE
Integrity Impact: NONE
Availability Impact: HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

View Vector String

Timeline

Published: Feb. 2, 2026, 9:15 a.m.
Last Modified: Feb. 3, 2026, 9:25 p.m.

Status : Analyzed

CVE has been recently published to the CVE List and has been received by the NVD.

More info

Source

[email protected]

CVE-2026-20420