Denial of Service Vulnerability in Modem by MediaTek
CVE-2026-20404
Key Information:
- Vendor
MediaTek
- Vendor
- CVE Published:
- 2 February 2026
What is CVE-2026-20404?
In MediaTek's modem, a security flaw exists due to insufficient input validation, which could allow attackers to induce a system crash. This vulnerability particularly arises when a User Equipment (UE) connects to a maliciously controlled rogue base station. Notably, the exploitation of this flaw does not require any user interaction nor elevated execution privileges, making it critical for users to ensure their devices are updated to versions that incorporate the necessary security patches.
Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.
Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.
Affected Version(s)
MT2735, MT2737, MT6813, MT6815, MT6833, MT6835, MT6853, MT6855, MT6858, MT6873, MT6875, MT6877, MT6878, MT6879, MT6880, MT6883, MT6885, MT6886, MT6889, MT6890, MT6891, MT6893, MT6895, MT6896, MT6897, MT6899, MT6980, MT6983, MT6985, MT6986, MT6989, MT6990, MT6991, MT6993, MT8668, MT8673, MT8675, MT8676, MT8678, MT8755, MT8771, MT8791, MT8791T, MT8792, MT8793, MT8795T, MT8797, MT8798, MT8863, MT8873, MT8883, MT8893 Modem NR15 , NR16 , NR17 , NR17R
References
CVSS V3.1
Timeline
Vulnerability published
Vulnerability Reserved