Shodan
Vulnerabilities
Vulnerable Software
Mediatek:  >> Mt6899  Security Vulnerabilities
CVE-2026-20420
In Modem, there is a possible system crash due to incorrect error handling. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01738313; Issue ID: MSV-5935.
CVSS Score
7.5
EPSS Score
0.002
Published
2026-02-02
CVE-2026-20422
In Modem, there is a possible system crash due to improper input validation. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY00827332; Issue ID: MSV-5919.
CVSS Score
7.5
EPSS Score
0.002
Published
2026-02-02
CVE-2026-20411
In cameraisp, there is a possible escalation of privilege due to use after free. This could lead to local denial of service if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10351676; Issue ID: MSV-5737.
CVSS Score
7.8
EPSS Score
0.0
Published
2026-02-02
CVE-2026-20412
In cameraisp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10351676; Issue ID: MSV-5733.
CVSS Score
7.8
EPSS Score
0.0
Published
2026-02-02
CVE-2026-20413
In imgsys, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10362725; Issue ID: MSV-5694.
CVSS Score
6.7
EPSS Score
0.0
Published
2026-02-02
CVE-2026-20404
In Modem, there is a possible system crash due to improper input validation. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01689248; Issue ID: MSV-4837.
CVSS Score
7.5
EPSS Score
0.002
Published
2026-02-02
CVE-2026-20405
In Modem, there is a possible system crash due to a missing bounds check. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01688495; Issue ID: MSV-4818.
CVSS Score
7.5
EPSS Score
0.002
Published
2026-02-02
CVE-2026-20406
In Modem, there is a possible system crash due to an uncaught exception. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01726634; Issue ID: MSV-5728.
CVSS Score
7.5
EPSS Score
0.002
Published
2026-02-02
CVE-2026-20403
In Modem, there is a possible system crash due to a missing bounds check. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01689254 (Note: For N15 and NR16) / MOLY01689259 (Note: For NR17 and NR17R); Issue ID: MSV-4843.
CVSS Score
7.5
EPSS Score
0.002
Published
2026-02-02
CVE-2025-20800
In mminfra, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10267349; Issue ID: MSV-5033.
CVSS Score
7.8
EPSS Score
0.0
Published
2026-01-06


Products
Pricing
Contact Us

Shodan ® - All rights reserved