Denial of Service Vulnerability in MediaTek Modem Products
CVE-2026-20459
Currently unrated
What is CVE-2026-20459?
In MediaTek Modem products, a vulnerability exists due to improper input validation that may allow an attacker to induce a system crash. If a user equipment (UE) device connects to a rogue base station controlled by the attacker, it may experience a remote denial of service without requiring any additional execution privileges or user interaction. This significant risk underscores the importance of patching and maintaining cybersecurity vigilance. For remediation, users and organizations are advised to apply Patch ID: MOLY01816800 as outlined in MediaTek's security bulletin.
Affected Version(s)
MediaTek chipset MT2716
MediaTek chipset MT2735
MediaTek chipset MT2737
