Memory Corruption Vulnerability in MediaTek Modem Products
CVE-2026-20458

Currently unrated

Key Information:

Vendor

MediaTek

Vendor
CVE Published:
1 July 2026

What is CVE-2026-20458?

A memory corruption issue has been identified in MediaTek's Modem products due to a missing bounds check. This flaw can be exploited by an attacker controlling a rogue base station, allowing for remote escalation of privileges without requiring additional execution privileges or user interaction. Affected users should apply the available patch (Patch ID: MOLY01402160) to mitigate potential risks associated with this vulnerability.

Affected Version(s)

MediaTek chipset MT2716

MediaTek chipset MT2737

MediaTek chipset MT6739

References

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.