Vulnerability Description
In Modem, there is a possible out of bounds write due to a missing bounds check. This could lead to remote escalation of privilege, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: MOLY01088681; Issue ID: MSV-4460.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Mediatek | Mt2735 Firmware | - |
| Mediatek | Mt2735 | - |
| Mediatek | Mt2737 Firmware | - |
| Mediatek | Mt2737 | - |
| Mediatek | Mt6813 Firmware | - |
| Mediatek | Mt6813 | - |
| Mediatek | Mt6833 Firmware | - |
| Mediatek | Mt6833 | - |
| Mediatek | Mt6833P Firmware | - |
| Mediatek | Mt6833P | - |
| Mediatek | Mt6835 Firmware | - |
| Mediatek | Mt6835 | - |
| Mediatek | Mt6835T Firmware | - |
| Mediatek | Mt6835T | - |
| Mediatek | Mt6853 Firmware | - |
| Mediatek | Mt6853 | - |
| Mediatek | Mt6853T Firmware | - |
| Mediatek | Mt6853T | - |
| Mediatek | Mt6855 Firmware | - |
| Mediatek | Mt6855 | - |
Related Weaknesses (CWE)
References
FAQ
What is CVE-2026-20433?
CVE-2026-20433 is a vulnerability with a CVSS score of 8.8 (HIGH). In Modem, there is a possible out of bounds write due to a missing bounds check. This could lead to remote escalation of privilege, if a UE has connected to a rogue base station controlled by the atta...
How severe is CVE-2026-20433?
CVE-2026-20433 has been rated HIGH with a CVSS base score of 8.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2026-20433?
Check the references section above for vendor advisories and patch information. Affected products include: Mediatek Mt2735 Firmware, Mediatek Mt2735, Mediatek Mt2737 Firmware, Mediatek Mt2737, Mediatek Mt6813 Firmware.