CVE-2026-20434 (GCVE-0-2026-20434)
Vulnerability from cvelistv5 – Published: 2026-03-02 08:39 – Updated: 2026-03-30 13:05
VLAI?
Summary
In Modem, there is a possible out of bounds write due to a missing bounds check. This could lead to remote escalation of privilege, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: MOLY00782946; Issue ID: MSV-4135.
Severity ?
7.5 (High)
CWE
- CWE-787 - Out-of-bounds Write
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| MediaTek, Inc. | MediaTek chipset |
Affected:
MT2735
Affected: MT2737 Affected: MT6739 Affected: MT6761 Affected: MT6762 Affected: MT6762D Affected: MT6762M Affected: MT6763 Affected: MT6765 Affected: MT6765T Affected: MT6767 Affected: MT6768 Affected: MT6769 Affected: MT6769K Affected: MT6769S Affected: MT6769T Affected: MT6769Z Affected: MT6771 Affected: MT6779 Affected: MT6781 Affected: MT6783 Affected: MT6785 Affected: MT6785T Affected: MT6785U Affected: MT6789 Affected: MT6833 Affected: MT6833P Affected: MT6835 Affected: MT6835T Affected: MT6853 Affected: MT6853T Affected: MT6855 Affected: MT6855T Affected: MT6873 Affected: MT6875 Affected: MT6875T Affected: MT6877 Affected: MT6877T Affected: MT6877TT Affected: MT6878 Affected: MT6878M Affected: MT6879 Affected: MT6880 Affected: MT6883 Affected: MT6885 Affected: MT6886 Affected: MT6889 Affected: MT6890 Affected: MT6891 Affected: MT6893 Affected: MT6895 Affected: MT6895TT Affected: MT6896 Affected: MT6897 Affected: MT6899 Affected: MT6980 Affected: MT6980D Affected: MT6983 Affected: MT6983T Affected: MT6985 Affected: MT6985T Affected: MT6989 Affected: MT6989T Affected: MT6990 Affected: MT6991 Affected: MT8666 Affected: MT8667 Affected: MT8668 Affected: MT8673 Affected: MT8675 Affected: MT8676 Affected: MT8678 Affected: MT8755 Affected: MT8765 Affected: MT8766 Affected: MT8766R Affected: MT8768 Affected: MT8771 Affected: MT8781 Affected: MT8786 Affected: MT8788 Affected: MT8788E Affected: MT8789 Affected: MT8791 Affected: MT8791T Affected: MT8792 Affected: MT8793 Affected: MT8795T Affected: MT8797 Affected: MT8798 Affected: MT8863 Affected: MT8873 Affected: MT8883 Affected: MT8893 |
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2026-20434",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-03-02T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-03-03T04:55:58.368Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "MediaTek chipset",
"vendor": "MediaTek, Inc.",
"versions": [
{
"status": "affected",
"version": "MT2735"
},
{
"status": "affected",
"version": "MT2737"
},
{
"status": "affected",
"version": "MT6739"
},
{
"status": "affected",
"version": "MT6761"
},
{
"status": "affected",
"version": "MT6762"
},
{
"status": "affected",
"version": "MT6762D"
},
{
"status": "affected",
"version": "MT6762M"
},
{
"status": "affected",
"version": "MT6763"
},
{
"status": "affected",
"version": "MT6765"
},
{
"status": "affected",
"version": "MT6765T"
},
{
"status": "affected",
"version": "MT6767"
},
{
"status": "affected",
"version": "MT6768"
},
{
"status": "affected",
"version": "MT6769"
},
{
"status": "affected",
"version": "MT6769K"
},
{
"status": "affected",
"version": "MT6769S"
},
{
"status": "affected",
"version": "MT6769T"
},
{
"status": "affected",
"version": "MT6769Z"
},
{
"status": "affected",
"version": "MT6771"
},
{
"status": "affected",
"version": "MT6779"
},
{
"status": "affected",
"version": "MT6781"
},
{
"status": "affected",
"version": "MT6783"
},
{
"status": "affected",
"version": "MT6785"
},
{
"status": "affected",
"version": "MT6785T"
},
{
"status": "affected",
"version": "MT6785U"
},
{
"status": "affected",
"version": "MT6789"
},
{
"status": "affected",
"version": "MT6833"
},
{
"status": "affected",
"version": "MT6833P"
},
{
"status": "affected",
"version": "MT6835"
},
{
"status": "affected",
"version": "MT6835T"
},
{
"status": "affected",
"version": "MT6853"
},
{
"status": "affected",
"version": "MT6853T"
},
{
"status": "affected",
"version": "MT6855"
},
{
"status": "affected",
"version": "MT6855T"
},
{
"status": "affected",
"version": "MT6873"
},
{
"status": "affected",
"version": "MT6875"
},
{
"status": "affected",
"version": "MT6875T"
},
{
"status": "affected",
"version": "MT6877"
},
{
"status": "affected",
"version": "MT6877T"
},
{
"status": "affected",
"version": "MT6877TT"
},
{
"status": "affected",
"version": "MT6878"
},
{
"status": "affected",
"version": "MT6878M"
},
{
"status": "affected",
"version": "MT6879"
},
{
"status": "affected",
"version": "MT6880"
},
{
"status": "affected",
"version": "MT6883"
},
{
"status": "affected",
"version": "MT6885"
},
{
"status": "affected",
"version": "MT6886"
},
{
"status": "affected",
"version": "MT6889"
},
{
"status": "affected",
"version": "MT6890"
},
{
"status": "affected",
"version": "MT6891"
},
{
"status": "affected",
"version": "MT6893"
},
{
"status": "affected",
"version": "MT6895"
},
{
"status": "affected",
"version": "MT6895TT"
},
{
"status": "affected",
"version": "MT6896"
},
{
"status": "affected",
"version": "MT6897"
},
{
"status": "affected",
"version": "MT6899"
},
{
"status": "affected",
"version": "MT6980"
},
{
"status": "affected",
"version": "MT6980D"
},
{
"status": "affected",
"version": "MT6983"
},
{
"status": "affected",
"version": "MT6983T"
},
{
"status": "affected",
"version": "MT6985"
},
{
"status": "affected",
"version": "MT6985T"
},
{
"status": "affected",
"version": "MT6989"
},
{
"status": "affected",
"version": "MT6989T"
},
{
"status": "affected",
"version": "MT6990"
},
{
"status": "affected",
"version": "MT6991"
},
{
"status": "affected",
"version": "MT8666"
},
{
"status": "affected",
"version": "MT8667"
},
{
"status": "affected",
"version": "MT8668"
},
{
"status": "affected",
"version": "MT8673"
},
{
"status": "affected",
"version": "MT8675"
},
{
"status": "affected",
"version": "MT8676"
},
{
"status": "affected",
"version": "MT8678"
},
{
"status": "affected",
"version": "MT8755"
},
{
"status": "affected",
"version": "MT8765"
},
{
"status": "affected",
"version": "MT8766"
},
{
"status": "affected",
"version": "MT8766R"
},
{
"status": "affected",
"version": "MT8768"
},
{
"status": "affected",
"version": "MT8771"
},
{
"status": "affected",
"version": "MT8781"
},
{
"status": "affected",
"version": "MT8786"
},
{
"status": "affected",
"version": "MT8788"
},
{
"status": "affected",
"version": "MT8788E"
},
{
"status": "affected",
"version": "MT8789"
},
{
"status": "affected",
"version": "MT8791"
},
{
"status": "affected",
"version": "MT8791T"
},
{
"status": "affected",
"version": "MT8792"
},
{
"status": "affected",
"version": "MT8793"
},
{
"status": "affected",
"version": "MT8795T"
},
{
"status": "affected",
"version": "MT8797"
},
{
"status": "affected",
"version": "MT8798"
},
{
"status": "affected",
"version": "MT8863"
},
{
"status": "affected",
"version": "MT8873"
},
{
"status": "affected",
"version": "MT8883"
},
{
"status": "affected",
"version": "MT8893"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In Modem, there is a possible out of bounds write due to a missing bounds check. This could lead to remote escalation of privilege, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: MOLY00782946; Issue ID: MSV-4135."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "CWE-787 Out-of-bounds Write",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-03-30T13:05:35.387Z",
"orgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"shortName": "MediaTek"
},
"references": [
{
"url": "https://corp.mediatek.com/product-security-bulletin/March-2026"
}
],
"x_generator": {
"engine": "cvelib 1.8.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
"assignerShortName": "MediaTek",
"cveId": "CVE-2026-20434",
"datePublished": "2026-03-02T08:39:10.077Z",
"dateReserved": "2025-11-03T01:30:59.011Z",
"dateUpdated": "2026-03-30T13:05:35.387Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2",
"vulnerability-lookup:meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2026-20434\",\"sourceIdentifier\":\"security@mediatek.com\",\"published\":\"2026-03-02T09:16:16.460\",\"lastModified\":\"2026-03-02T22:04:18.130\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"In Modem, there is a possible out of bounds write due to a missing bounds check. This could lead to remote escalation of privilege, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: MOLY00782946; Issue ID: MSV-4135.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"ADJACENT_NETWORK\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.6,\"impactScore\":5.9}]},\"weaknesses\":[{\"source\":\"security@mediatek.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-787\"}]}],\"configurations\":[{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:mediatek:lr12a:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A4B6AFD8-6CBA-4A1D-B38F-A9ABFEB6EFC5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:mediatek:lr13:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"12318A0A-16CD-48A5-98A4-373070734642\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:mediatek:nr15:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E30A2D2E-6A72-4070-A471-EEE75F7D07F2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:mediatek:nr16:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2B763B71-F913-45B4-B91E-D7F0670C4315\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:mediatek:nr17:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"66F8874B-DBF1-4A67-8ADF-4654AB56B6A8\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:mediatek:mt2735:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7F1D09FC-5BE9-4B23-82F1-3C6EAC5711A6\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:mediatek:mt2737:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9C2A1118-B5F7-4EF5-B329-0887B5F3430E\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:mediatek:mt6739:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7FA8A390-9F52-4CF3-9B45-936CE3E2B828\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:mediatek:mt6761:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F726F486-A86F-4215-AD93-7A07A071844A\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:mediatek:mt6762:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C445EB80-6021-4E26-B74E-1B4B6910CE48\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:mediatek:mt6762d:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"160C2DDD-6CA5-4E4F-B885-C8AAA7D1D942\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:mediatek:mt6762m:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0002C537-4268-43CA-B349-BC14F1F0313C\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:mediatek:mt6763:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2F19C76A-50DF-4ACA-BACA-07157B4D838B\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:mediatek:mt6765:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"43E779F6-F0A0-4153-9A1D-B715C3A2F80E\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:mediatek:mt6765t:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AE80B083-D5A3-418C-9655-C79C9DECB4C5\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:mediatek:mt6767:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3367BA13-9C4D-4CCF-8E71-397F33CFF773\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:mediatek:mt6768:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"06CD97E1-8A76-48B4-9780-9698EF5A960F\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:mediatek:mt6769:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D23991D5-1893-49F4-8A06-D5E66C96C3B3\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:mediatek:mt6769k:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2B0EFB31-7B79-4529-A978-FA227D77F9F4\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:mediatek:mt6769s:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2DD67454-1786-4BC7-B97E-96898F5FE3AF\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:mediatek:mt6769t:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B43D63CF-FF77-41D8-BA4B-F8BDF88830BA\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:mediatek:mt6769z:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BA1BE913-70AE-49FE-99E9-E996165DF79D\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:mediatek:mt6771:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BE4D2AED-C713-407F-A34A-52C3D8F65835\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:mediatek:mt6779:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EBA369B8-8E23-492B-82CC-23114E6A5D1C\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:mediatek:mt6781:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C4EEE021-6B2A-47A0-AC6B-55525A40D718\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:mediatek:mt6783:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F2C8F9C2-6471-4498-B089-2F40D2483487\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:mediatek:mt6785:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A82E0A4F-072F-474C-B94C-8114ABE05639\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:mediatek:mt6785t:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E208C7B7-7BF6-4E56-B61C-0198B08DC8B3\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:mediatek:mt6785u:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"14DD4149-ACBE-47B8-B52E-7CE8EECA3615\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:mediatek:mt6789:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8B9B0D82-82C1-4A77-A016-329B99C45F49\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9814939B-F05E-4870-90C0-7C0F6BAAEB39\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:mediatek:mt6833p:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CB690F5A-9367-45D3-A53E-80BF60053630\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:mediatek:mt6835:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"19A63103-C708-48EC-B44D-5E465A6B79C5\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:mediatek:mt6835t:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C7FE7DBA-479C-402B-8485-9D14E70F25EB\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"366F1912-756B-443E-9962-224937DD7DFB\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:mediatek:mt6853t:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"328DA6BE-1303-4646-89B7-2EC8DC444532\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:mediatek:mt6855:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"89AFEE24-7AAD-4EDB-8C3E-EDBA3240730A\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:mediatek:mt6855t:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"083F6134-FF26-4F1B-9B77-971D342AF774\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F6B8A36E-C5FB-44AE-A1C3-50EBF4C68F6B\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:mediatek:mt6875:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"80BDC5EC-E822-4BC7-8C0D-E8AD8396E8FE\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:mediatek:mt6875t:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F883C6D3-1724-4553-9EFC-3D204FF3CAA3\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7CA9352F-E9BD-4656-9B7C-4AFEE2C78E58\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:mediatek:mt6877t:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EFA54AA1-4E3A-44F8-A222-31C60F8F81DA\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:mediatek:mt6877tt:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5D4D6885-E18C-477F-8B6D-B9E84D9535E2\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:mediatek:mt6878:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"855A8046-34ED-4891-ACE5-76AB10AC8D53\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:mediatek:mt6878m:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"483B6FB0-D683-4F3C-BA5B-6C9852179854\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"704BE5CE-AE08-4432-A8B0-4C8BD62148AD\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:mediatek:mt6880:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"68CF4A7A-3136-4C4C-A795-81323896BE11\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:mediatek:mt6883:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"15E2EC3F-9FB3-488B-B1C1-2793A416C755\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DD64413C-C774-4C4F-9551-89E1AA9469EE\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:mediatek:mt6886:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AF3E2B84-DAFE-4E11-B23B-026F719475F5\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:mediatek:mt6889:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3B787DC3-8E5A-4968-B20B-37B6257FAAE2\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:mediatek:mt6890:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"171D1C08-F055-44C0-913C-AA2B73AF5B72\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:mediatek:mt6891:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D8E91CA4-CA5B-40D1-9A96-2B875104BCF4\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"213B5C7F-D965-4312-9CDF-4F06FA77D401\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E0CA45C9-7BFE-4C93-B2AF-B86501F763AB\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:mediatek:mt6895tt:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2141B30A-C56F-4831-8FCD-4758DF97AD18\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:mediatek:mt6896:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"33DEF766-EAF1-4E36-BB7C-43069B26507A\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:mediatek:mt6897:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2A7D8055-F4B6-41EE-A078-11D56285AB66\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:mediatek:mt6899:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C6E9F80F-9AC9-41E0-BB14-9DB6F14B62CD\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:mediatek:mt6980:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BA9131F6-F167-4FD7-8FBF-B372CBBCF46F\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:mediatek:mt6980d:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2758122C-4D11-4D34-9B72-3905F3A28448\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:mediatek:mt6983:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EB6B9A26-F8A1-4322-AA4E-CDF8F7D99000\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:mediatek:mt6983t:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A7D6430E-840D-447F-892E-EA4FD7F69BAF\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:mediatek:mt6985:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EA72CCD1-DEA2-48EB-8781-04CFDD41AAEE\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:mediatek:mt6985t:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DEBB2AE0-F6CD-4CAF-BBF2-09C5C20B9910\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:mediatek:mt6989:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AD7DE6B2-66D9-4A3E-B15F-D56505559255\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:mediatek:mt6989t:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6309AE48-7266-435C-B906-50960F643FC8\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:mediatek:mt6990:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1A76806D-A4E3-466A-90CB-E9FFE478E7A0\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:mediatek:mt6991:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CBBB30DF-E963-4940-B742-F6801F68C3FC\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:mediatek:mt8666:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6C9AB4D2-0EDD-4D5E-9393-F535CA2F24C4\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:mediatek:mt8667:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2FE14B46-C1CA-465F-8578-059FA2ED30EB\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:mediatek:mt8668:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2589C222-3D62-4BDB-98F2-5F1E38600D8D\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:mediatek:mt8673:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"152F6606-FA23-4530-AA07-419866B74CB3\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:mediatek:mt8675:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"03E6123A-7603-4EAB-AFFB-229E8A040709\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:mediatek:mt8676:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EE302F6F-170E-4350-A8F4-65BE0C50CB78\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:mediatek:mt8678:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"152A5F3D-8004-4649-BDB1-E6F0798AF1CB\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:mediatek:mt8755:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1CF88096-5CBD-4A4B-8F47-33D38985956F\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:mediatek:mt8765:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3AACF35D-27E0-49AF-A667-13585C8B8071\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:mediatek:mt8766:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CE45F606-2E75-48BC-9D1B-99D504974CBF\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:mediatek:mt8766r:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"738475DC-9FA8-4034-AB1F-F89C77CE7B41\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:mediatek:mt8768:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1CC6E254-11A9-49CE-83FE-6DAC23E7D7AA\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:mediatek:mt8771:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0D09F23D-D023-4A60-B426-61251FDD8A5A\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:mediatek:mt8781:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"533284E5-C3AF-48D3-A287-993099DB2E41\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:mediatek:mt8786:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9D2D5F91-6AAB-4516-AD01-5C60F58BA4A6\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FE10C121-F2AD-43D2-8FF9-A6C197858220\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:mediatek:mt8788e:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CEDF887A-1862-4336-ABFC-371838E1D029\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:mediatek:mt8789:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1505AD53-987E-4328-8E1D-F5F1EC12B677\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:mediatek:mt8791:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9CD2C3EC-B62D-4616-964F-FDBE5B14A449\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:mediatek:mt8791t:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1BB05B1D-77C9-4E42-91AD-9F087413DC20\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:mediatek:mt8792:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"336FC69E-E89F-4642-B6B9-8009D9A2BD52\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:mediatek:mt8793:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2FBD3487-F8CE-406C-8BD7-DD57FF8CD60B\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:mediatek:mt8795t:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"78D4E9E1-B044-41EC-BE98-22DC0E5E9010\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:mediatek:mt8797:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2B469BF4-5961-42E9-814B-1BE06D182E45\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:mediatek:mt8798:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"637CAAD2-DCC0-4F81-B781-5D0536844CA8\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:mediatek:mt8863:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"77E0D738-F0B9-468F-8A10-204F498320BC\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:mediatek:mt8873:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D6DD525F-7050-42BD-829D-1121698B8009\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:mediatek:mt8883:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"23DD8281-FEB4-4E23-8DDA-680FF895F12E\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:mediatek:mt8893:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CCFAADB1-C2B2-47A6-BB66-761B964E7DFB\"}]}]}],\"references\":[{\"url\":\"https://corp.mediatek.com/product-security-bulletin/March-2026\",\"source\":\"security@mediatek.com\",\"tags\":[\"Vendor Advisory\"]}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 7.5, \"attackVector\": \"ADJACENT_NETWORK\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"HIGH\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"HIGH\"}}, {\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2026-20434\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2026-03-02T13:37:44.413942Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2026-03-02T13:37:34.417Z\"}}], \"cna\": {\"affected\": [{\"vendor\": \"MediaTek, Inc.\", \"product\": \"MediaTek chipset\", \"versions\": [{\"status\": \"affected\", \"version\": \"MT2735\"}, {\"status\": \"affected\", \"version\": \"MT2737\"}, {\"status\": \"affected\", \"version\": \"MT6739\"}, {\"status\": \"affected\", \"version\": \"MT6761\"}, {\"status\": \"affected\", \"version\": \"MT6762\"}, {\"status\": \"affected\", \"version\": \"MT6762D\"}, {\"status\": \"affected\", \"version\": \"MT6762M\"}, {\"status\": \"affected\", \"version\": \"MT6763\"}, {\"status\": \"affected\", \"version\": \"MT6765\"}, {\"status\": \"affected\", \"version\": \"MT6765T\"}, {\"status\": \"affected\", \"version\": \"MT6767\"}, {\"status\": \"affected\", \"version\": \"MT6768\"}, {\"status\": \"affected\", \"version\": \"MT6769\"}, {\"status\": \"affected\", \"version\": \"MT6769K\"}, {\"status\": \"affected\", \"version\": \"MT6769S\"}, {\"status\": \"affected\", \"version\": \"MT6769T\"}, {\"status\": \"affected\", \"version\": \"MT6769Z\"}, {\"status\": \"affected\", \"version\": \"MT6771\"}, {\"status\": \"affected\", \"version\": \"MT6779\"}, {\"status\": \"affected\", \"version\": \"MT6781\"}, {\"status\": \"affected\", \"version\": \"MT6783\"}, {\"status\": \"affected\", \"version\": \"MT6785\"}, {\"status\": \"affected\", \"version\": \"MT6785T\"}, {\"status\": \"affected\", \"version\": \"MT6785U\"}, {\"status\": \"affected\", \"version\": \"MT6789\"}, {\"status\": \"affected\", \"version\": \"MT6833\"}, {\"status\": \"affected\", \"version\": \"MT6833P\"}, {\"status\": \"affected\", \"version\": \"MT6835\"}, {\"status\": \"affected\", \"version\": \"MT6835T\"}, {\"status\": \"affected\", \"version\": \"MT6853\"}, {\"status\": \"affected\", \"version\": \"MT6853T\"}, {\"status\": \"affected\", \"version\": \"MT6855\"}, {\"status\": \"affected\", \"version\": \"MT6855T\"}, {\"status\": \"affected\", \"version\": \"MT6873\"}, {\"status\": \"affected\", \"version\": \"MT6875\"}, {\"status\": \"affected\", \"version\": \"MT6875T\"}, {\"status\": \"affected\", \"version\": \"MT6877\"}, {\"status\": \"affected\", \"version\": \"MT6877T\"}, {\"status\": \"affected\", \"version\": \"MT6877TT\"}, {\"status\": \"affected\", \"version\": \"MT6878\"}, {\"status\": \"affected\", \"version\": \"MT6878M\"}, {\"status\": \"affected\", \"version\": \"MT6879\"}, {\"status\": \"affected\", \"version\": \"MT6880\"}, {\"status\": \"affected\", \"version\": \"MT6883\"}, {\"status\": \"affected\", \"version\": \"MT6885\"}, {\"status\": \"affected\", \"version\": \"MT6886\"}, {\"status\": \"affected\", \"version\": \"MT6889\"}, {\"status\": \"affected\", \"version\": \"MT6890\"}, {\"status\": \"affected\", \"version\": \"MT6891\"}, {\"status\": \"affected\", \"version\": \"MT6893\"}, {\"status\": \"affected\", \"version\": \"MT6895\"}, {\"status\": \"affected\", \"version\": \"MT6895TT\"}, {\"status\": \"affected\", \"version\": \"MT6896\"}, {\"status\": \"affected\", \"version\": \"MT6897\"}, {\"status\": \"affected\", \"version\": \"MT6899\"}, {\"status\": \"affected\", \"version\": \"MT6980\"}, {\"status\": \"affected\", \"version\": \"MT6980D\"}, {\"status\": \"affected\", \"version\": \"MT6983\"}, {\"status\": \"affected\", \"version\": \"MT6983T\"}, {\"status\": \"affected\", \"version\": \"MT6985\"}, {\"status\": \"affected\", \"version\": \"MT6985T\"}, {\"status\": \"affected\", \"version\": \"MT6989\"}, {\"status\": \"affected\", \"version\": \"MT6989T\"}, {\"status\": \"affected\", \"version\": \"MT6990\"}, {\"status\": \"affected\", \"version\": \"MT6991\"}, {\"status\": \"affected\", \"version\": \"MT8666\"}, {\"status\": \"affected\", \"version\": \"MT8667\"}, {\"status\": \"affected\", \"version\": \"MT8668\"}, {\"status\": \"affected\", \"version\": \"MT8673\"}, {\"status\": \"affected\", \"version\": \"MT8675\"}, {\"status\": \"affected\", \"version\": \"MT8676\"}, {\"status\": \"affected\", \"version\": \"MT8678\"}, {\"status\": \"affected\", \"version\": \"MT8755\"}, {\"status\": \"affected\", \"version\": \"MT8765\"}, {\"status\": \"affected\", \"version\": \"MT8766\"}, {\"status\": \"affected\", \"version\": \"MT8766R\"}, {\"status\": \"affected\", \"version\": \"MT8768\"}, {\"status\": \"affected\", \"version\": \"MT8771\"}, {\"status\": \"affected\", \"version\": \"MT8781\"}, {\"status\": \"affected\", \"version\": \"MT8786\"}, {\"status\": \"affected\", \"version\": \"MT8788\"}, {\"status\": \"affected\", \"version\": \"MT8788E\"}, {\"status\": \"affected\", \"version\": \"MT8789\"}, {\"status\": \"affected\", \"version\": \"MT8791\"}, {\"status\": \"affected\", \"version\": \"MT8791T\"}, {\"status\": \"affected\", \"version\": \"MT8792\"}, {\"status\": \"affected\", \"version\": \"MT8793\"}, {\"status\": \"affected\", \"version\": \"MT8795T\"}, {\"status\": \"affected\", \"version\": \"MT8797\"}, {\"status\": \"affected\", \"version\": \"MT8798\"}, {\"status\": \"affected\", \"version\": \"MT8863\"}, {\"status\": \"affected\", \"version\": \"MT8873\"}, {\"status\": \"affected\", \"version\": \"MT8883\"}, {\"status\": \"affected\", \"version\": \"MT8893\"}], \"defaultStatus\": \"unaffected\"}], \"references\": [{\"url\": \"https://corp.mediatek.com/product-security-bulletin/March-2026\"}], \"x_generator\": {\"engine\": \"cvelib 1.8.0\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"In Modem, there is a possible out of bounds write due to a missing bounds check. This could lead to remote escalation of privilege, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: MOLY00782946; Issue ID: MSV-4135.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-787\", \"description\": \"CWE-787 Out-of-bounds Write\"}]}], \"providerMetadata\": {\"orgId\": \"ee979b05-11f8-4f25-a7e0-a1fa9c190374\", \"shortName\": \"MediaTek\", \"dateUpdated\": \"2026-03-30T13:05:35.387Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2026-20434\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2026-03-30T13:05:35.387Z\", \"dateReserved\": \"2025-11-03T01:30:59.011Z\", \"assignerOrgId\": \"ee979b05-11f8-4f25-a7e0-a1fa9c190374\", \"datePublished\": \"2026-03-02T08:39:10.077Z\", \"assignerShortName\": \"MediaTek\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…