CVE-2026-20431 - Vulnerability Details - OpenCVE

In Modem, there is a possible system crash due to a logic error. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01106496; Issue ID: MSV-4467.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Mediatek, Inc.	Mediatek Chipset

No data.

No data.

References

Link	Providers
https://corp.mediatek.com/product-security-bulletin/April-2026

History

Tue, 07 Apr 2026 09:45:00 +0000

Type	Values Removed	Values Added
First Time appeared		Mediatek, Inc. Mediatek, Inc. mediatek Chipset
Vendors & Products		Mediatek, Inc. Mediatek, Inc. mediatek Chipset

Tue, 07 Apr 2026 07:15:00 +0000

Type	Values Removed	Values Added
Description		In Modem, there is a possible system crash due to a logic error. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01106496; Issue ID: MSV-4467.
Weaknesses		CWE-770
References		https://corp.mediatek.com/product-security-bulletin/April-2026

MITRE

Status: PUBLISHED

Assigner: MediaTek

Published: 2026-04-07T03:25:28.491Z

Updated: 2026-04-07T12:59:17.543Z

Reserved: 2025-11-03T01:30:59.011Z

Link: CVE-2026-20431

Vulnrichment

No data.

NVD

Status : Undergoing Analysis

Published: 2026-04-07T04:16:59.930

Modified: 2026-04-07T14:16:19.027

Link: CVE-2026-20431

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-20431", "assignerOrgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374", "state": "PUBLISHED", "assignerShortName": "MediaTek", "dateReserved": "2025-11-03T01:30:59.011Z", "datePublished": "2026-04-07T03:25:28.491Z", "dateUpdated": "2026-04-07T12:59:17.543Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374", "shortName": "MediaTek", "dateUpdated": "2026-04-07T03:25:28.491Z"}, "descriptions": [{"lang": "en", "value": "In Modem, there is a possible system crash due to a logic error. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01106496; Issue ID: MSV-4467."}], "affected": [{"vendor": "MediaTek, Inc.", "product": "MediaTek chipset", "defaultStatus": "unaffected", "versions": [{"version": "MT6813", "status": "affected"}, {"version": "MT6815", "status": "affected"}, {"version": "MT6835", "status": "affected"}, {"version": "MT6878", "status": "affected"}, {"version": "MT6897", "status": "affected"}, {"version": "MT6899", "status": "affected"}, {"version": "MT6986", "status": "affected"}, {"version": "MT6991", "status": "affected"}, {"version": "MT6993", "status": "affected"}, {"version": "MT8668", "status": "affected"}, {"version": "MT8676", "status": "affected"}, {"version": "MT8678", "status": "affected"}, {"version": "MT8755", "status": "affected"}, {"version": "MT8775", "status": "affected"}, {"version": "MT8792", "status": "affected"}, {"version": "MT8793", "status": "affected"}, {"version": "MT8863", "status": "affected"}, {"version": "MT8873", "status": "affected"}, {"version": "MT8883", "status": "affected"}]}], "references": [{"url": "https://corp.mediatek.com/product-security-bulletin/April-2026"}], "problemTypes": [{"descriptions": [{"type": "CWE", "lang": "en", "cweId": "CWE-770", "description": "CWE-770 Allocation of Resources Without Limits or Throttling"}]}], "x_generator": {"engine": "cvelib 1.8.0"}}, "adp": [{"problemTypes": [{"descriptions": [{"type": "CWE", "lang": "en", "description": "CWE-noinfo Not enough information"}]}], "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.5, "attackVector": "ADJACENT_NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}}, {"other": {"type": "ssvc", "content": {"timestamp": "2026-04-07T12:59:15.295899Z", "id": "CVE-2026-20431", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-07T12:59:17.543Z"}}]}}