6 matches found
CVE-2025-20659
The CVE-2025-20659 entry concerns a vulnerability in Modem where improper input validation can cause a system crash, enabling remote denial of service when a UE connects to a rogue base station. Exploitation requires no user interaction and has an adjacent attack vector with no privileges require...
CVE-2026-20432
CVE-2026-20432 affects a MediaTek modem component, where a missing bounds check could allow an out-of-bounds write. The resulting impact is remote escalation of privilege if a UE connects to a rogue base station; exploitation requires user interaction. Patch MOLY01406170 (MSV-4461) is noted. Conn...
CVE-2026-20449
CVE-2026-20449 concerns a vulnerability in Modem where a heap buffer overflow can cause a system crash, leading to remote denial of service. Exploitation could occur if a device connects to a rogue base station controlled by an attacker, with no additional execution privileges and no user interac...
CVE-2026-20433
CVE-2026-20433 affects a MediaTek modem component where a missing bounds check enables an out-of-bounds write. This could allow remote escalation of privilege if a UE connects to a rogue base station, with no additional execution privileges required. Exploitation requires user interaction. Public...
CVE-2026-20431
Summary: CVE-2026-20431 affects MediaTek-based Modem functionality where a logic error can cause a system crash, potentially enabling remote denial of service when a UE connects to a rogue base station. Exploitation reportedly requires no user interaction and can occur with adjacent access; no ad...
CVE-2026-20450
CVE-2026-20450 affects the Modem component. The issue is a crash caused by incorrect error handling, which can lead to remote denial of service if a user equipment connects to a rogue base station controlled by an attacker. No user interaction is required; exploitation is scoped to adjacent acces...