Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
7.5
Unsecured Modem Allows Rogue Base Station to Gain Elevated Access
CVE-2026-20434
Summary
A security weakness in the Modem software allows a malicious base station to potentially take control of a connected device without permission. This could happen if a user connects to a fake base station set up by an attacker. To stay safe, ensure you apply the latest security updates to your Modem software.
What to do
No fix is available yet. Check with your software vendor for updates.
Affected software
| Vendor | Product | Affected versions | Fix available |
|---|---|---|---|
| mediatek | lr12a | All versions | – |
| mediatek | lr13 | All versions | – |
| mediatek | nr15 | All versions | – |
| mediatek | nr16 | All versions | – |
| mediatek | nr17 | All versions | – |
Original title
In Modem, there is a possible out of bounds write due to a missing bounds check. This could lead to remote escalation of privilege, if a UE has connected to a rogue base station controlled by the a...
Original description
In Modem, there is a possible out of bounds write due to a missing bounds check. This could lead to remote escalation of privilege, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: MOLY00782946; Issue ID: MSV-4135.
nvd CVSS3.1
7.5
Vulnerability type
CWE-787
Out-of-bounds Write
- https://corp.mediatek.com/product-security-bulletin/March-2026 Vendor Advisory
Published: 2 Mar 2026 · Updated: 13 Mar 2026 · First seen: 6 Mar 2026