Information Disclosure Vulnerability in MediaTek Modem
CVE-2026-20460

Currently unrated

Key Information:

Vendor

MediaTek

Vendor
CVE Published:
1 July 2026

What is CVE-2026-20460?

In MediaTek's modem, a vulnerability exists that allows for the possibility of information disclosure due to improper input validation. This issue arises when a user equipment (UE) connects to a rogue base station, potentially controlled by an attacker. Exploitation of this vulnerability does not require additional privileges or user interaction, making it particularly concerning. Immediate attention is advised to mitigate risks associated with this vulnerability.

Affected Version(s)

MediaTek chipset MT2735

MediaTek chipset MT2737

MediaTek chipset MT6779

References

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.