ГлавнаяУязвимости → CVE-2026-20432
8высокая

CVE-2026-20432

Описание

In Modem, there is a possible out of bounds write due to a missing bounds check. This could lead to remote escalation of privilege, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: MOLY01406170; Issue ID: MSV-4461.

Затрагиваемое ПО
Mediatek Mt2735 firmwareMediatek Mt2735Mediatek Mt2737 firmwareMediatek Mt2737Mediatek Mt6779 firmwareMediatek Mt6779Mediatek Mt6781 firmwareMediatek Mt6781Mediatek Mt6783 firmwareMediatek Mt6783Mediatek Mt8781 firmwareMediatek Mt8781Mediatek Mt8789 firmwareMediatek Mt8789Mediatek Mt8791 firmwareMediatek Mt8791Mediatek Mt8791t firmwareMediatek Mt8791tMediatek Mt8792 firmwareMediatek Mt8792Mediatek Mt8793 firmwareMediatek Mt8793Mediatek Mt8795t firmwareMediatek Mt8795tMediatek Mt8797 firmware
CVSS
Балл8 — высокая
ВекторCVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Источники
https://corp.mediatek.com/product-security-bulletin/April-2026