Remote Denial of Service Vulnerability in MediaTek Modem
CVE-2026-20450

Currently unrated

Key Information:

Vendor: MediaTek
Status: Mediatek Chipset
Vendor: CVE Published:; 4 May 2026

What is CVE-2026-20450?

A vulnerability in MediaTek's Modem allows an attacker to potentially cause a system crash through improper error handling. This vulnerability can be exploited remotely if a User Equipment (UE) connects to a compromised base station controlled by an attacker, making it possible to induce a denial of service without the need for user interaction. Users are urged to apply the necessary patches to mitigate this security risk.

Affected Version(s)

MediaTek chipset MT2735

MediaTek chipset MT2737

MediaTek chipset MT6833

References

https://corp.mediatek.com/product-security-bulletin/May-2026

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 4, 2026
Vulnerability Reserved
Nov 3, 2025

CVE-2026-20450 Data

JSON