Permissions Bypass Vulnerability in MediaTek Modem Products
CVE-2026-20463

Currently unrated

Key Information:

Vendor

MediaTek

Vendor
CVE Published:
1 July 2026

What is CVE-2026-20463?

In MediaTek Modem products, a permissions bypass vulnerability exists that allows a malicious actor with System privileges to escalate their access. This exploit does not require user interaction, making it particularly dangerous. The vulnerability may lead to significant control over the affected system, and prompt patching is advised to mitigate potential risks. The identified issue has a corresponding Patch ID: MOLY01716533 and Issue ID: MSV-6309.

Affected Version(s)

MediaTek chipset MT2716

MediaTek chipset MT2735

MediaTek chipset MT2737

References

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.