CVSS: 8.8EPSS: 0%CPEs: 124EXPL: 0CVE-2026-20433
https://notcve.org/view.php?id=CVE-2026-20433
07 Apr 2026 — In Modem, there is a possible out of bounds write due to a missing bounds check. This could lead to remote escalation of privilege, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: MOLY01088681; Issue ID: MSV-4460. En el módem, existe una posible escritura fuera de límites debido a una falta de verificación de límites. • https://corp.mediatek.com/product-security-bulletin/April-2026 • CWE-787: Out-of-bounds Write •
CVSS: 7.5EPSS: 0%CPEs: 99EXPL: 0CVE-2026-20434
https://notcve.org/view.php?id=CVE-2026-20434
02 Mar 2026 — In Modem, there is a possible out of bounds write due to a missing bounds check. This could lead to remote escalation of privilege, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: MOLY00782946; Issue ID: MSV-4135. • https://corp.mediatek.com/product-security-bulletin/March-2026 • CWE-787: Out-of-bounds Write •
CVSS: 7.5EPSS: 0%CPEs: 58EXPL: 0CVE-2025-20761
https://notcve.org/view.php?id=CVE-2025-20761
06 Jan 2026 — In Modem, there is a possible system crash due to incorrect error handling. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01311265; Issue ID: MSV-4655. • https://corp.mediatek.com/product-security-bulletin/January-2026 • CWE-754: Improper Check for Unusual or Exceptional Conditions •
CVSS: 7.8EPSS: 0%CPEs: 62EXPL: 0CVE-2025-20703
https://notcve.org/view.php?id=CVE-2025-20703
01 Sep 2025 — In Modem, there is a possible out of bounds read due to an incorrect bounds check. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01599794; Issue ID: MSV-3708. • https://corp.mediatek.com/product-security-bulletin/September-2025 • CWE-125: Out-of-bounds Read •
CVSS: 8.8EPSS: 0%CPEs: 63EXPL: 0CVE-2025-20708
https://notcve.org/view.php?id=CVE-2025-20708
01 Sep 2025 — In Modem, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote escalation of privilege, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01123853; Issue ID: MSV-4131. • https://corp.mediatek.com/product-security-bulletin/September-2025 • CWE-787: Out-of-bounds Write •
CVSS: 6.5EPSS: 0%CPEs: 85EXPL: 0CVE-2025-20659
https://notcve.org/view.php?id=CVE-2025-20659
07 Apr 2025 — In Modem, there is a possible system crash due to improper input validation. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01519028; Issue ID: MSV-2768. • https://corp.mediatek.com/product-security-bulletin/April-2025 • CWE-125: Out-of-bounds Read •