CVE-2026-20433
CVSS Score
8.8
EPSS Score
0.1%
EPSS Percentile
18th
In Modem, there is a possible out of bounds write due to a missing bounds check. This could lead to remote escalation of privilege, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: MOLY01088681; Issue ID: MSV-4460.
| CWE | CWE-787 |
| Vendor | mediatek, inc. |
| Product | mediatek chipset |
| Published | Apr 7, 2026 |
| Last Updated | Apr 8, 2026 |
Stay Ahead of the Next One
Get instant alerts for mediatek, inc. mediatek chipset
Be the first to know when new high vulnerabilities affecting mediatek, inc. mediatek chipset are published โ delivered to Slack, Telegram or Discord.
Get Free Alerts โ
Free ยท No credit card ยท 60 sec setup
Affected Versions
MediaTek, Inc. / MediaTek chipset
MT2735 MT2737 MT6813 MT6833 MT6833P MT6835 MT6835T MT6853 MT6853T MT6855 MT6855T MT6873 MT6875 MT6875T MT6877 MT6877T MT6877TT MT6878 MT6878M MT6879 MT6880 MT6883 MT6885 MT6886 MT6889 MT6890 MT6891 MT6893 MT6895 MT6895TT MT6896 MT6897 MT6899 MT6980 MT6980D MT6983 MT6983T MT6985 MT6985T MT6989 MT6989T MT6990 MT6991 MT8668 MT8673 MT8675 MT8676 MT8678 MT8755 MT8771 MT8775 MT8791 MT8791T MT8792 MT8793 MT8795T MT8797 MT8798 MT8863 MT8873 MT8883 MT8893