Out of Bounds Write Vulnerability in MediaTek Modem
CVE-2026-20461

Currently unrated

Key Information:

Vendor

MediaTek

Vendor
CVE Published:
1 July 2026

What is CVE-2026-20461?

A security flaw exists in MediaTek's modem due to an insufficient bounds check, which can result in an out of bounds write condition. An attacker controlling a rogue base station may exploit this vulnerability, allowing them to cause a denial of service for connected user equipment. Notably, this exploitation does not require user interaction and can occur transparently. Owners of affected MediaTek modem versions are advised to apply the relevant patches identified as MOLY01267281 and MOLY01318201 to mitigate this risk. For further details, please refer to the MediaTek product security bulletin.

Affected Version(s)

MediaTek chipset MT2737

MediaTek chipset MT6813

MediaTek chipset MT6835

References

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.