High severity8.0NVD Advisory· Published Apr 7, 2026· Updated Apr 10, 2026
CVE-2026-20432
CVE-2026-20432
Description
In Modem, there is a possible out of bounds write due to a missing bounds check. This could lead to remote escalation of privilege, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: MOLY01406170; Issue ID: MSV-4461.
Affected products
58- cpe:2.3:o:mediatek:mt2735_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:mediatek:mt2737_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:mediatek:mt6779_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:mediatek:mt6781_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:mediatek:mt6783_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:mediatek:mt6785_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:mediatek:mt6789_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:mediatek:mt6813_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:mediatek:mt6815_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:mediatek:mt6833_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:mediatek:mt6835_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:mediatek:mt6853_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:mediatek:mt6855_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:mediatek:mt6873_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:mediatek:mt6875_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:mediatek:mt6877_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:mediatek:mt6878_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:mediatek:mt6879_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:mediatek:mt6880_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:mediatek:mt6883_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:mediatek:mt6885_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:mediatek:mt6886_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:mediatek:mt6889_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:mediatek:mt6890_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:mediatek:mt6891_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:mediatek:mt6893_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:mediatek:mt6895_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:mediatek:mt6896_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:mediatek:mt6897_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:mediatek:mt6899_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:mediatek:mt6980_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:mediatek:mt6983_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:mediatek:mt6985_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:mediatek:mt6989_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:mediatek:mt6990_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:mediatek:mt6991_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:mediatek:mt6993_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:mediatek:mt8668_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:mediatek:mt8673_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:mediatek:mt8675_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:mediatek:mt8676_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:mediatek:mt8678_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:mediatek:mt8755_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:mediatek:mt8771_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:mediatek:mt8775_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:mediatek:mt8781_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:mediatek:mt8789_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:mediatek:mt8791_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:mediatek:mt8791t_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:mediatek:mt8792_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:mediatek:mt8793_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:mediatek:mt8795t_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:mediatek:mt8797_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:mediatek:mt8798_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:mediatek:mt8863_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:mediatek:mt8873_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:mediatek:mt8883_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:mediatek:mt8893_firmware:-:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
1- corp.mediatek.com/product-security-bulletin/April-2026nvdVendor Advisory
News mentions
0No linked articles in our index yet.