Out of Bounds Write Vulnerability in Mediatek Modem
CVE-2026-20434
Key Information:
- Vendor
MediaTek
- Vendor
- CVE Published:
- 2 March 2026
What is CVE-2026-20434?
A potential vulnerability has been identified in the Mediatek modem that allows for an out of bounds write due to a missing bounds check. If a user equipment (UE) connects to a rogue base station controlled by an attacker, this vulnerability may be exploited to escalate privileges remotely. While user interaction is necessary for the attack to occur, this flaw can pose a significant security threat if not promptly addressed. The recommended patch ID for remediation is MOLY00782946.
Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.
Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.
Affected Version(s)
MT2735, MT2737, MT6739, MT6761, MT6762, MT6762D, MT6762M, MT6763, MT6765, MT6765T, MT6767, MT6768, MT6769, MT6769K, MT6769S, MT6769T, MT6769Z, MT6771, MT6779, MT6781, MT6783, MT6785, MT6785T, MT6785U, MT6789, MT6833, MT6833P, MT6835, MT6835T, MT6853, MT6853T, MT6855, MT6855T, MT6873, MT6875, MT6875T, MT6877, MT6877T, MT6877TT, MT6878, MT6878M, MT6879, MT6880, MT6883, MT6885, MT6886, MT6889, MT6890, MT6891, MT6893, MT6895, MT6895TT, MT6896, MT6897, MT6899, MT6980, MT6980D, MT6983, MT6983T, MT6985, MT6985T, MT6989, MT6989T, MT6990, MT6991, MT8666, MT8667, MT8668, MT8673, MT8675, MT8676, MT8678, MT8755, MT8765, MT8766, MT8766R, MT8768, MT8771, MT8781, MT8786, MT8788, MT8788E, MT8789, MT8791, MT8791T, MT8792, MT8793, MT8795T, MT8797, MT8798, MT8863, MT8873, MT8883, MT8893 Modem LR12A, LR13, NR15, NR16, NR17
References
CVSS V3.1
Timeline
Vulnerability published
Vulnerability Reserved