Information Disclosure Vulnerability in MediaTek Modem
CVE-2026-20460
Currently unrated
What is CVE-2026-20460?
In MediaTek's modem, a vulnerability exists that allows for the possibility of information disclosure due to improper input validation. This issue arises when a user equipment (UE) connects to a rogue base station, potentially controlled by an attacker. Exploitation of this vulnerability does not require additional privileges or user interaction, making it particularly concerning. Immediate attention is advised to mitigate risks associated with this vulnerability.
Affected Version(s)
MediaTek chipset MT2735
MediaTek chipset MT2737
MediaTek chipset MT6779
