Remote Denial of Service Vulnerability in Modem by MediaTek
CVE-2026-20405
Key Information:
- Vendor
MediaTek
- Vendor
- CVE Published:
- 2 February 2026
What is CVE-2026-20405?
In MediaTek's Modem, a flaw exists due to a missing bounds check, which could result in a system crash. Attackers can exploit this vulnerability to cause a remote denial of service if a user equipment (UE) connects to a base station under the attacker's control. Notably, this exploitation does not require any additional execution privileges or user interaction, making it particularly concerning for affected users. Ensuring the application of the patch ID MOLY01688495 is critical for mitigating this risk.
Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.
Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.
Affected Version(s)
MT2735, MT2737, MT6813, MT6815, MT6833, MT6835, MT6853, MT6855, MT6858, MT6873, MT6875, MT6877, MT6878, MT6879, MT6880, MT6883, MT6885, MT6886, MT6889, MT6890, MT6891, MT6893, MT6895, MT6896, MT6897, MT6899, MT6980, MT6983, MT6985, MT6986, MT6989, MT6990, MT6991, MT6993, MT8668, MT8673, MT8675, MT8676, MT8678, MT8755, MT8771, MT8791, MT8791T, MT8792, MT8793, MT8795T, MT8797, MT8798, MT8863, MT8873, MT8883, MT8893 Modem NR15, NR16, NR17, NR17R
References
CVSS V3.1
Timeline
Vulnerability published
Vulnerability Reserved