Home

Description

In Modem, there is a possible system crash due to a heap buffer overflow. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01760138; Issue ID: MSV-6148.

PUBLISHED Reserved 2025-11-03 | Published 2026-05-04 | Updated 2026-05-04 | Assigner MediaTek

Problem types

CWE-120 Classic Buffer Overflow

Product status

Default status
unaffected

MT2735
affected

MT2737
affected

MT6739
affected

MT6761
affected

MT6762
affected

MT6763
affected

MT6765
affected

MT6767
affected

MT6768
affected

MT6769
affected

MT6771
affected

MT6779
affected

MT6781
affected

MT6783
affected

MT6785
affected

MT6789
affected

MT6813
affected

MT6815
affected

MT6833
affected

MT6835
affected

MT6853
affected

MT6855
affected

MT6858
affected

MT6873
affected

MT6875
affected

MT6877
affected

MT6878
affected

MT6879
affected

MT6880
affected

MT6883
affected

MT6885
affected

MT6886
affected

MT6889
affected

MT6890
affected

MT6891
affected

MT6893
affected

MT6895
affected

MT6896
affected

MT6897
affected

MT6899
affected

MT6980
affected

MT6983
affected

MT6985
affected

MT6986D
affected

MT6988
affected

MT6989
affected

MT6990
affected

MT6991
affected

MT6993
affected

MT8668
affected

MT8673
affected

MT8675
affected

MT8676
affected

MT8678
affected

MT8755
affected

MT8771
affected

MT8775
affected

MT8791
affected

MT8791T
affected

MT8792
affected

MT8793
affected

MT8795T
affected

MT8797
affected

MT8798
affected

MT8863
affected

MT8873
affected

MT8883
affected

MT8893
affected

References

corp.mediatek.com/product-security-bulletin/May-2026

cve.org (CVE-2026-20449)

nvd.nist.gov (CVE-2026-20449)

Download JSON