CVE-2026-20431

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2026-20431
In Modem, there is a possible system crash due to a logic error. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01106496; Issue ID: MSV-4467.

6.5 /10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 2.8 / Impact : 3.6

Attack Vector ADJACENT_NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

References
Link Resource
https://corp.mediatek.com/product-security-bulletin/April-2026 Vendor Advisory
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:mediatek:mt6813_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6813:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
cpe:2.3:o:mediatek:mt6815_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6815:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND
cpe:2.3:o:mediatek:mt6835_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6835:-:*:*:*:*:*:*:*

Configuration 4 (hide)

AND
cpe:2.3:o:mediatek:mt6878_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6878:-:*:*:*:*:*:*:*

Configuration 5 (hide)

AND
cpe:2.3:o:mediatek:mt6897_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6897:-:*:*:*:*:*:*:*

Configuration 6 (hide)

AND
cpe:2.3:o:mediatek:mt6899_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6899:-:*:*:*:*:*:*:*

Configuration 7 (hide)

AND
cpe:2.3:o:mediatek:mt6986_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6986:-:*:*:*:*:*:*:*

Configuration 8 (hide)

AND
cpe:2.3:o:mediatek:mt6991_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6991:-:*:*:*:*:*:*:*

Configuration 9 (hide)

AND
cpe:2.3:o:mediatek:mt6993_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6993:-:*:*:*:*:*:*:*

Configuration 10 (hide)

AND
cpe:2.3:o:mediatek:mt8668_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt8668:-:*:*:*:*:*:*:*

Configuration 11 (hide)

AND
cpe:2.3:o:mediatek:mt8676_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt8676:-:*:*:*:*:*:*:*

Configuration 12 (hide)

AND
cpe:2.3:o:mediatek:mt8678_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt8678:-:*:*:*:*:*:*:*

Configuration 13 (hide)

AND
cpe:2.3:o:mediatek:mt8755_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt8755:-:*:*:*:*:*:*:*

Configuration 14 (hide)

AND
cpe:2.3:o:mediatek:mt8775_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt8775:-:*:*:*:*:*:*:*

Configuration 15 (hide)

AND
cpe:2.3:o:mediatek:mt8792_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt8792:-:*:*:*:*:*:*:*

Configuration 16 (hide)

AND
cpe:2.3:o:mediatek:mt8793_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt8793:-:*:*:*:*:*:*:*

Configuration 17 (hide)

AND
cpe:2.3:o:mediatek:mt8863_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt8863:-:*:*:*:*:*:*:*

Configuration 18 (hide)

AND
cpe:2.3:o:mediatek:mt8873_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt8873:-:*:*:*:*:*:*:*

Configuration 19 (hide)

AND
cpe:2.3:o:mediatek:mt8883_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt8883:-:*:*:*:*:*:*:*
History

10 Apr 2026, 19:58

Type Values Removed Values Added
First Time Mediatek mt6897
Mediatek mt8668
Mediatek mt6899 Firmware
Mediatek mt8863 Firmware
Mediatek mt8755
Mediatek mt6835
Mediatek mt6878
Mediatek mt6813
Mediatek mt8873 Firmware
Mediatek mt8883 Firmware
Mediatek mt8775 Firmware
Mediatek mt6986
Mediatek mt6815 Firmware
Mediatek mt6991 Firmware
Mediatek mt8676
Mediatek mt6993 Firmware
Mediatek mt6815
Mediatek
Mediatek mt6835 Firmware
Mediatek mt6813 Firmware
Mediatek mt8676 Firmware
Mediatek mt8792 Firmware
Mediatek mt6899
Mediatek mt8775
Mediatek mt6993
Mediatek mt8755 Firmware
Mediatek mt8668 Firmware
Mediatek mt8793 Firmware
Mediatek mt6991
Mediatek mt6986 Firmware
Mediatek mt6897 Firmware
Mediatek mt8863
Mediatek mt8678
Mediatek mt6878 Firmware
Mediatek mt8792
Mediatek mt8873
Mediatek mt8883
Mediatek mt8793
Mediatek mt8678 Firmware
CPE cpe:2.3:o:mediatek:mt8792_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:mediatek:mt8668_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:mediatek:mt6991_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:mediatek:mt8883_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt8676:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6986:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6835:-:*:*:*:*:*:*:*
cpe:2.3:o:mediatek:mt6835_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:mediatek:mt8793_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt8883:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6815:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6878:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt8873:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt8775:-:*:*:*:*:*:*:*
cpe:2.3:o:mediatek:mt6899_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:mediatek:mt6815_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:mediatek:mt6993_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:mediatek:mt8755_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt8793:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt8678:-:*:*:*:*:*:*:*
cpe:2.3:o:mediatek:mt8863_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6993:-:*:*:*:*:*:*:*
cpe:2.3:o:mediatek:mt6878_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:mediatek:mt6813_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6813:-:*:*:*:*:*:*:*
cpe:2.3:o:mediatek:mt6897_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt8863:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6991:-:*:*:*:*:*:*:*
cpe:2.3:o:mediatek:mt8678_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt8755:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6897:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt8792:-:*:*:*:*:*:*:*
cpe:2.3:o:mediatek:mt8873_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:mediatek:mt8775_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:mediatek:mt6986_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt8668:-:*:*:*:*:*:*:*
cpe:2.3:o:mediatek:mt8676_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6899:-:*:*:*:*:*:*:*
References () https://corp.mediatek.com/product-security-bulletin/April-2026 - () https://corp.mediatek.com/product-security-bulletin/April-2026 - Vendor Advisory

07 Apr 2026, 14:16

Type Values Removed Values Added
CVSS v2 : unknown
v3 : unknown 		v2 : unknown
v3 : 6.5

07 Apr 2026, 04:16

Type Values Removed Values Added
New CVE
Information

Published : 2026-04-07 04:16

Updated : 2026-04-10 19:58

NVD link : CVE-2026-20431

Mitre link : CVE-2026-20431

CVE.ORG link : CVE-2026-20431

JSON object : View

Products Affected

mediatek

  • mt8678
  • mt8668_firmware
  • mt8793_firmware
  • mt8883
  • mt8863
  • mt8883_firmware
  • mt6897_firmware
  • mt8676
  • mt6878_firmware
  • mt6815
  • mt6899
  • mt8792
  • mt6897
  • mt6813
  • mt8755_firmware
  • mt6878
  • mt8873_firmware
  • mt6993
  • mt8792_firmware
  • mt8676_firmware
  • mt8775
  • mt6815_firmware
  • mt8873
  • mt6899_firmware
  • mt8678_firmware
  • mt8793
  • mt6991
  • mt6835
  • mt8755
  • mt6991_firmware
  • mt6986
  • mt6813_firmware
  • mt8863_firmware
  • mt8668
  • mt6835_firmware
  • mt6986_firmware
  • mt8775_firmware
  • mt6993_firmware
CWE
CWE-770

Allocation of Resources Without Limits or Throttling