CVE-2026-20402: CWE-787 Out-of-bounds Write in MediaTek, Inc. MT2735, MT6833, MT6853, MT6855, MT6873, MT6875, MT6877, MT6880, MT6883, MT6885, MT6889, MT6890, MT6891, MT6893, MT8675, MT8771, MT8791, MT8791T, MT8797
In Modem, there is a possible system crash due to improper input validation. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY00693083; Issue ID: MSV-5928.
AI Analysis
Technical Summary
CVE-2026-20402 is a security vulnerability classified as an out-of-bounds write (CWE-787) affecting modem firmware version NR15 on a broad range of MediaTek chipsets (MT2735, MT6833, MT6853, MT6855, MT6873, MT6875, MT6877, MT6880, MT6883, MT6885, MT6889, MT6890, MT6891, MT6893, MT8675, MT8771, MT8791, MT8791T, MT8797). The vulnerability results from improper input validation within the modem component and can be triggered remotely when a user equipment (UE) device connects to a rogue base station controlled by an attacker. This leads to an out-of-bounds write condition that causes a system crash, effectively resulting in a denial of service (DoS) on the affected device. Exploitation does not require any user interaction or elevated privileges, increasing the risk profile. The flaw primarily impacts the availability of the device by crashing the modem subsystem, potentially disrupting network connectivity and dependent services. No CVSS score has been assigned yet, and no known exploits have been reported in the wild. The vendor has assigned Patch ID MOLY00693083 to address this issue. The vulnerability is significant because it can be exploited remotely via network-level manipulation without user involvement, making it a critical concern for mobile devices and IoT equipment using these MediaTek chipsets.
Potential Impact
The primary impact of CVE-2026-20402 is a remote denial of service condition on devices using affected MediaTek modems. For European organizations, this could translate into temporary loss of mobile connectivity on affected devices, disrupting communications, business operations, and potentially critical services relying on mobile networks. Industries such as telecommunications, logistics, emergency services, and IoT deployments are particularly at risk. The ability of an attacker to induce a system crash remotely without user interaction or privileges means that rogue base stations could be used to target multiple devices in a geographic area, amplifying the disruption. This could also affect mobile network operators indirectly by increasing support costs and degrading user experience. While confidentiality and integrity impacts are not indicated, the availability impact alone is significant, especially for organizations with high dependency on mobile connectivity and real-time data transmission.
Mitigation Recommendations
1. Immediately apply the vendor-provided patch MOLY00693083 to all affected MediaTek modem firmware versions to remediate the vulnerability.
2. Implement network monitoring to detect and block rogue base stations or suspicious cellular network activity, using tools capable of identifying unauthorized base stations.
3. Employ mobile device management (MDM) solutions to enforce firmware updates and monitor device health across organizational assets.
4. Educate users and administrators about the risks of connecting to untrusted cellular networks, especially in sensitive or high-risk environments.
5. Collaborate with mobile network operators to enhance detection and mitigation of rogue base stations within organizational operational areas.
6. For IoT deployments using affected chipsets, consider network segmentation and fallback communication channels to maintain availability during potential attacks.
7. Regularly audit and inventory devices to identify those using vulnerable MediaTek chipsets and prioritize remediation accordingly.
Affected Countries
Germany, France, Italy, Spain, United Kingdom, Netherlands, Sweden, Poland
Technical Details
- Data Version: 5.2
- Assigner Short Name: MediaTek
- Date Reserved: 2025-11-03T01:30:59.007Z
- Cvss Version: null
- State: PUBLISHED
Threat ID: 69806092f9fa50a62f0b3f6a
Added to database: 2/2/2026, 8:30:10 AM
Last enriched: 2/2/2026, 8:49:35 AM
Last updated: 2/7/2026, 5:45:06 PM