CVE-2026-20457
Received Received - Intake

Improper Input Validation in Modem Leads to Denial of Service

Vulnerability report for CVE-2026-20457, including description, CVSS score, EPSS score, affected products, exploitability, helpful resources, and attack-flow context.

Publication date: 2026-07-01

Last updated on: 2026-07-01

Assigner: MediaTek, Inc.

Description

In Modem, there is a possible system crash due to improper input validation. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01826924; Issue ID: MSV-7301.

CVSS Scores

EPSS Scores

Probability:
Percentile:

Meta Information

Published
2026-07-01
Last Modified
2026-07-01
Generated
2026-07-01
AI Q&A
2026-07-01
EPSS Evaluated
N/A
NVD
EUVD

Affected Vendors & Products

Showing 1 associated CPE
Vendor Product Version / Range
mediatek modem From MT2735 (inc) to MT6980 (inc)

Helpful Resources

Exploitability

CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-476 The product dereferences a pointer that it expects to be valid but is NULL.

Attack-Flow Graph

AI Quick Actions

Instant insights powered by AI
Executive Summary

This vulnerability exists in the Modem component of MediaTek chipsets and is caused by improper input validation. Specifically, it can lead to a system crash due to a NULL pointer dereference when a User Equipment (UE) connects to a rogue base station controlled by an attacker.

Exploitation does not require any user interaction or additional execution privileges, making it easier for an attacker to cause a remote denial of service.

Impact Analysis

The primary impact of this vulnerability is a remote denial of service (DoS) condition. An attacker controlling a rogue base station can cause the affected device's modem to crash, potentially disrupting network connectivity and device functionality.

Since no user interaction or elevated privileges are required, the attack can be executed remotely and silently, leading to service interruptions.

Detection Guidance

This vulnerability occurs due to improper input validation in the Modem subcomponent of MediaTek chipsets, potentially causing a system crash via a NULL pointer dereference when a UE connects to a rogue base station. Detection would involve monitoring for unexpected system crashes or modem failures, especially after connecting to unknown or suspicious base stations.

Since the vulnerability is triggered by interaction with a rogue base station, network-level detection could include monitoring for unusual base station identifiers or unexpected connection attempts to untrusted cellular towers.

No specific detection commands or tools are provided in the available resources.

Mitigation Strategies

The immediate mitigation step is to apply the security patch provided by MediaTek, identified as Patch ID MOLY01826924.

Device OEMs have been notified and patches have been distributed at least two months prior to the public announcement, so updating your device firmware or modem software to the latest version containing this patch is critical.

Additionally, avoid connecting to untrusted or suspicious base stations to reduce the risk of exploitation.

Chat Assistant

Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-20457. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70

EPSS Chart