Denial of Service Vulnerability in Mediatek Modem Devices
CVE-2026-20422
Key Information:
- Vendor
MediaTek
- Vendor
- CVE Published:
- 2 February 2026
What is CVE-2026-20422?
A vulnerability in Mediatek's modem devices allows for a potential system crash due to improper input validation. Attackers can exploit this vulnerability to trigger a remote denial of service when a user equipment (UE) connects to a malicious base station controlled by the attacker. The exploitation does not require any additional execution privileges or user interaction, making it particularly concerning for users relying on these devices. A patch (ID: MOLY00827332) has been issued to address this issue.
Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.
Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.
Affected Version(s)
MT2735, MT2737, MT6813, MT6815, MT6833, MT6835, MT6853, MT6855, MT6858, MT6873, MT6875, MT6877, MT6878, MT6879, MT6880, MT6883, MT6885, MT6886, MT6889, MT6890, MT6891, MT6893, MT6895, MT6896, MT6897, MT6899, MT6980, MT6983, MT6985, MT6986, MT6989, MT6990, MT6991, MT6993, MT8668, MT8673, MT8675, MT8676, MT8678, MT8755, MT8771, MT8775, MT8791, MT8791T, MT8792, MT8793, MT8795T, MT8797, MT8798, MT8863, MT8873, MT8883, MT8893 Modem NR15, NR16, NR17, and NR17R
References
CVSS V3.1
Timeline
Vulnerability published
Vulnerability Reserved