Out of Bounds Write Vulnerability in MediaTek Modem
CVE-2026-20461
Currently unrated
What is CVE-2026-20461?
A security flaw exists in MediaTek's modem due to an insufficient bounds check, which can result in an out of bounds write condition. An attacker controlling a rogue base station may exploit this vulnerability, allowing them to cause a denial of service for connected user equipment. Notably, this exploitation does not require user interaction and can occur transparently. Owners of affected MediaTek modem versions are advised to apply the relevant patches identified as MOLY01267281 and MOLY01318201 to mitigate this risk. For further details, please refer to the MediaTek product security bulletin.
Affected Version(s)
MediaTek chipset MT2737
MediaTek chipset MT6813
MediaTek chipset MT6835
