CVE-2026-20432

high-risk

Published 2026-04-07

In Modem, there is a possible out of bounds write due to a missing bounds check. This could lead to remote escalation of privilege, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: MOLY01406170; Issue ID: MSV-4461.

Do I need to act?

0.07% chance of exploitation

EPSS score — low exploit probability

Not on CISA KEV list

No confirmed active exploitation reported to CISA

Patch status unknown

Check vendor advisories for fix availability and mitigation guidance

CVSS 8.0/10 High

ADJACENT_NETWORK / LOW complexity

Affected Products (20)

Mt2735 Firmware

Mt2737 Firmware

Mt6779 Firmware

Mt6781 Firmware

Mt6783 Firmware

Mt8781 Firmware

Mt8789 Firmware

Mt8791 Firmware

Mt8791T Firmware

Mt8792 Firmware

Mt8793 Firmware

Mt8795T Firmware

Mt8797 Firmware

Mt8798 Firmware

Mt8863 Firmware

Mt8873 Firmware

Mt8883 Firmware

Mt8893 Firmware

Mt6785 Firmware

Mt6789 Firmware

Affected Vendors

Mediatek

References (1)

Vendor Advisory https://corp.mediatek.com/product-security-bulletin/April-2026

/ 100

high-risk

Severity 25/34 · High

Exploitability 0/34 · Minimal

Exposure 27/34 · High