Lucene search
K
MediatekMt8863 Firmware

6 matches found

CVE
CVE
added 2025/04/07 3:14 a.m.76 views

CVE-2025-20659

The CVE-2025-20659 entry concerns a vulnerability in Modem where improper input validation can cause a system crash, enabling remote denial of service when a UE connects to a rogue base station. Exploitation requires no user interaction and has an adjacent attack vector with no privileges require...

6.5CVSS6.7AI score0.00343EPSS
CVE
CVE
added 2026/04/07 3:25 a.m.31 views

CVE-2026-20432

CVE-2026-20432 affects a MediaTek modem component, where a missing bounds check could allow an out-of-bounds write. The resulting impact is remote escalation of privilege if a UE connects to a rogue base station; exploitation requires user interaction. Patch MOLY01406170 (MSV-4461) is noted. Conn...

8CVSS6.1AI score0.00294EPSS
CVE
CVE
added 2026/05/04 5:41 a.m.25 views

CVE-2026-20449

CVE-2026-20449 concerns a vulnerability in Modem where a heap buffer overflow can cause a system crash, leading to remote denial of service. Exploitation could occur if a device connects to a rogue base station controlled by an attacker, with no additional execution privileges and no user interac...

6.5CVSS6.2AI score0.00224EPSS
CVE
CVE
added 2026/04/07 3:25 a.m.18 views

CVE-2026-20433

CVE-2026-20433 affects a MediaTek modem component where a missing bounds check enables an out-of-bounds write. This could allow remote escalation of privilege if a UE connects to a rogue base station, with no additional execution privileges required. Exploitation requires user interaction. Public...

8.8CVSS6.1AI score0.00341EPSS
CVE
CVE
added 2026/04/07 3:25 a.m.17 views

CVE-2026-20431

Summary: CVE-2026-20431 affects MediaTek-based Modem functionality where a logic error can cause a system crash, potentially enabling remote denial of service when a UE connects to a rogue base station. Exploitation reportedly requires no user interaction and can occur with adjacent access; no ad...

6.5CVSS6.1AI score0.00309EPSS
CVE
CVE
added 2026/05/04 5:41 a.m.17 views

CVE-2026-20450

CVE-2026-20450 affects the Modem component. The issue is a crash caused by incorrect error handling, which can lead to remote denial of service if a user equipment connects to a rogue base station controlled by an attacker. No user interaction is required; exploitation is scoped to adjacent acces...

6.5CVSS5.9AI score0.00291EPSS