CVE-2026-20420 – This vulnerability in MediaTek modems allows re... (How to Fix)

Q: What is the severity of CVE-2026-20420?

CVE-2026-20420 has a CVSS score of 7.5 (HIGH). This vulnerability in MediaTek modems allows remote denial of service through system crashes when devices connect to rogue base stations. Attackers can exploit incorrect error handling to crash affected devices without user interaction. All devices using vulnerable MediaTek modem firmware are affected.

📋 TL;DR

This vulnerability in MediaTek modems allows remote denial of service through system crashes when devices connect to rogue base stations. Attackers can exploit incorrect error handling to crash affected devices without user interaction. All devices using vulnerable MediaTek modem firmware are affected.

💻 Affected Systems

Products:

MediaTek modem chipsets

Versions: Specific firmware versions not specified in advisory

Operating Systems: Android and other mobile OS using MediaTek modems

Default Config Vulnerable: ⚠️ Yes

Notes: All devices with vulnerable MediaTek modem firmware are affected regardless of OS or device manufacturer.

⚠️ Risk & Real-World Impact

🔴

Worst Case

Permanent device bricking requiring hardware replacement, complete loss of cellular connectivity, and potential cascading network failures affecting multiple devices.

🟠

Likely Case

Temporary device crashes requiring reboots, intermittent loss of cellular service, and degraded network performance in affected areas.

🟢

If Mitigated

Isolated device crashes with automatic recovery, minimal service disruption due to network redundancy, and quick patch deployment.

🌐 Internet-Facing: HIGH

🏢 Internal Only: LOW

🎯 Exploit Status

Public PoC: ✅ No

Weaponized: LIKELY

Unauthenticated Exploit: ⚠️ Yes

Complexity: MEDIUM

Exploitation requires setting up rogue base station equipment but no authentication or user interaction needed.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Patch ID: MOLY01738313

Vendor Advisory: https://corp.mediatek.com/product-security-bulletin/February-2026

Restart Required: Yes

Instructions:

1. Contact device manufacturer for firmware updates. 2. Apply MediaTek modem firmware patch MOLY01738313. 3. Reboot device after patch installation. 4. Verify patch application through modem firmware version check.

🔧 Temporary Workarounds

Disable automatic network switching

all

Prevent devices from automatically connecting to unknown base stations

Enable only trusted networks

all

Configure devices to connect only to pre-approved cellular networks

🧯 If You Can't Patch

Isolate affected devices from untrusted cellular networks
Implement network monitoring for rogue base station detection

🔍 How to Verify

Check if Vulnerable:

Check modem firmware version against MediaTek security bulletin for vulnerable versions

Check Version:

Device-specific modem firmware check commands vary by manufacturer

Verify Fix Applied:

Verify modem firmware includes patch MOLY01738313 and check for absence of crash logs

📡 Detection & Monitoring

Log Indicators:

Modem crash logs
Unexpected base station connection attempts
Error handling failure messages

Network Indicators:

Unusual base station signals
Multiple device crashes in same geographic area
Abnormal cellular handoff patterns

SIEM Query:

source="modem_logs" AND ("crash" OR "error_handling" OR "rogue_base_station")

📊 Metadata

CVE ID: CVE-2026-20420

CVSS v3 Score: 7.5 (HIGH)

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE: CWE-125

Published: February 2, 2026

Last Updated: February 4, 2026

🤖 AI-assisted analysis, reviewed for accuracy

🔗 References

https://corp.mediatek.com/product-security-bulletin/February-2026 Vendor Advisory