Resource exhaustion in Mediatek, Inc. Mediatek Chipset

CVE-2026-20431

In Modem, there is a possible system crash due to a logic error. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User in…

EPSS: 0.000 (12.3th percentile) — read the EPSS interpretation.

Affected products

Mediatek, Inc. Mediatek Chipset — versions MT6813, MT6815, MT6835

Weakness classification (CWE)

CWE-770 — Allocation of Resources Without Limits or Throttling

References

corp.mediatek.com/product-security-bulletin/April-2026