CVE-2026-20433

EUVD-2026-19568
In Modem, there is a possible out of bounds write due to a missing bounds check. This could lead to remote escalation of privilege, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: MOLY01088681; Issue ID: MSV-4460.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
8.8 HIGH
ADJACENT_NETWORK
LOW
NONE
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 7%
Affected Products (NVD)
VendorProductVersion
mediatekmt2735_firmware
-
mediatekmt2737_firmware
-
mediatekmt6813_firmware
-
mediatekmt6833_firmware
-
mediatekmt6833p_firmware
-
mediatekmt6835_firmware
-
mediatekmt6835t_firmware
-
mediatekmt6853_firmware
-
mediatekmt6853t_firmware
-
mediatekmt6855_firmware
-
mediatekmt6855t_firmware
-
mediatekmt6873_firmware
-
mediatekmt6875_firmware
-
mediatekmt6875t_firmware
-
mediatekmt6877_firmware
-
mediatekmt6877t_firmware
-
mediatekmt6877tt_firmware
-
mediatekmt6878_firmware
-
mediatekmt6878m_firmware
-
mediatekmt6879_firmware
-
mediatekmt6880_firmware
-
mediatekmt6883_firmware
-
mediatekmt6885_firmware
-
mediatekmt6886_firmware
-
mediatekmt6889_firmware
-
mediatekmt6890_firmware
-
mediatekmt6891_firmware
-
mediatekmt6893_firmware
-
mediatekmt6895_firmware
-
mediatekmt6895tt_firmware
-
mediatekmt6896_firmware
-
mediatekmt6897_firmware
-
mediatekmt6899_firmware
-
mediatekmt6980_firmware
-
mediatekmt6980d_firmware
-
mediatekmt6983_firmware
-
mediatekmt6983t_firmware
-
mediatekmt6985_firmware
-
mediatekmt6985t_firmware
-
mediatekmt6989_firmware
-
mediatekmt6989t_firmware
-
mediatekmt6990_firmware
-
mediatekmt6991_firmware
-
mediatekmt8668_firmware
-
mediatekmt8673_firmware
-
mediatekmt8675_firmware
-
mediatekmt8676_firmware
-
mediatekmt8678_firmware
-
mediatekmt8755_firmware
-
mediatekmt8771_firmware
-
mediatekmt8775_firmware
-
mediatekmt8791_firmware
-
mediatekmt8791t_firmware
-
mediatekmt8792_firmware
-
mediatekmt8793_firmware
-
mediatekmt8795t_firmware
-
mediatekmt8797_firmware
-
mediatekmt8798_firmware
-
mediatekmt8863_firmware
-
mediatekmt8873_firmware
-
mediatekmt8883_firmware
-
mediatekmt8893_firmware
-
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://corp.mediatek.com/product-security-bulletin/April-2026