CVE-2026-20433

high-risk
Published 2026-04-07

In Modem, there is a possible out of bounds write due to a missing bounds check. This could lead to remote escalation of privilege, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: MOLY01088681; Issue ID: MSV-4460.

Do I need to act?

- 0.06% chance of exploitation (EPSS score: low exploit probability)
- Not on CISA KEV list: no confirmed active exploitation reported to CISA
- Patch status unknown: check vendor advisories for fix availability and mitigation guidance
- CVSS 8.8/10 High (ADJACENT_NETWORK / LOW complexity)

Affected Products (20)

Mt2735 Firmware
Mt2737 Firmware
Mt6813 Firmware
Mt6833 Firmware
Mt6833P Firmware
Mt6835 Firmware
Mt6835T Firmware
Mt6853 Firmware
Mt6853T Firmware
Mt6855 Firmware
Mt6855T Firmware
Mt6873 Firmware
Mt6875 Firmware
Mt6875T Firmware
Mt6877 Firmware
Mt6877T Firmware
Mt6877Tt Firmware
Mt6878 Firmware
Mt6878M Firmware
Mt6879 Firmware

Affected Vendors

54 / 100
high-risk
Severity 27/34 · High
Exploitability 0/34 · Minimal
Exposure 27/34 · High