Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities
CVE-2026-20420
In Modem, there is a possible system crash due to incorrect error handling. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01738313; Issue ID: MSV-5935.
CVSS Score
7.5
EPSS Score
0.002
Published
2026-02-02
CVE-2026-20421
In Modem, there is a possible system crash due to improper input validation. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01738293; Issue ID: MSV-5922.
CVSS Score
7.5
EPSS Score
0.002
Published
2026-02-02
CVE-2026-20422
In Modem, there is a possible system crash due to improper input validation. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY00827332; Issue ID: MSV-5919.
CVSS Score
7.5
EPSS Score
0.002
Published
2026-02-02
CVE-2026-20413
In imgsys, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10362725; Issue ID: MSV-5694.
CVSS Score
6.7
EPSS Score
0.0
Published
2026-02-02
CVE-2026-20414
In imgsys, there is a possible escalation of privilege due to use after free. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10362999; Issue ID: MSV-5625.
CVSS Score
6.7
EPSS Score
0.0
Published
2026-02-02
CVE-2026-20415
In imgsys, there is a possible memory corruption due to improper locking. This could lead to local denial of service if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10363254; Issue ID: MSV-5617.
CVSS Score
5.5
EPSS Score
0.0
Published
2026-02-02
CVE-2026-20417
In pcie, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10314946 / ALPS10340155; Issue ID: MSV-5154.
CVSS Score
5.3
EPSS Score
0.0
Published
2026-02-02
CVE-2026-20418
In Thread, there is a possible out of bounds write due to a missing bounds check. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00465153; Issue ID: MSV-4927.
CVSS Score
9.8
EPSS Score
0.002
Published
2026-02-02
CVE-2026-20419
In wlan AP/STA firmware, there is a possible system becoming irresponsive due to an uncaught exception. This could lead to remote (proximal/adjacent) denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00461663 / WCNCR00463309; Issue ID: MSV-4852.
CVSS Score
7.5
EPSS Score
0.001
Published
2026-02-02
CVE-2026-1281
Known exploited
A code injection in Ivanti Endpoint Manager Mobile allowing attackers to achieve unauthenticated remote code execution.
CVSS Score
9.8
EPSS Score
0.131
Published
2026-01-29


Products
Pricing
Contact Us

Shodan ® - All rights reserved