CVE-2026-20406 is a vulnerability classified under CWE-770 (Allocation of Resources Without Limits or Throttling) affecting a wide range of MediaTek modem chipsets, including models MT2735 through MT8893. The issue arises in the modem's handling of resource allocation, where an uncaught exception can cause the system to crash. This vulnerability can be exploited remotely by an attacker who controls a rogue base station to which a user equipment (UE) device connects. The attack does not require any additional execution privileges or user interaction, making it easier to exploit in practice. The consequence of exploitation is a denial of service (DoS) condition on the affected device, potentially disrupting network connectivity and communications. The affected modem versions include NR15, NR16, NR17, and NR17R. Although no exploits have been reported in the wild, the vulnerability's nature suggests it could be leveraged in targeted attacks against mobile devices or infrastructure relying on these chipsets. The vulnerability was reserved in November 2025 and published in February 2026. While a patch ID (MOLY01726634) and issue ID (MSV-5728) are referenced, no direct patch links are provided in the data. The broad range of affected chipsets indicates a widespread impact across many devices using MediaTek modems, which are common in smartphones, IoT devices, and embedded systems. The vulnerability primarily impacts the availability of affected devices by causing system crashes, which could disrupt user communications and services relying on these modems.

For European organizations, this vulnerability poses a significant risk to mobile communications and connected infrastructure that utilize MediaTek modem chipsets. The potential for remote denial of service without user interaction or elevated privileges means attackers could disrupt critical communications, affecting enterprises, emergency services, and telecom operators. Disruptions could impact mobile workforce connectivity, IoT deployments, and any service relying on stable cellular connections. The risk is heightened in environments where rogue base stations could be deployed or exist, such as in urban areas, transport hubs, or near sensitive facilities. The widespread use of MediaTek chipsets in consumer and industrial devices across Europe means the attack surface is large. While no exploits are currently known in the wild, the vulnerability could be leveraged in espionage, sabotage, or disruption campaigns, especially given geopolitical tensions. The impact on confidentiality and integrity is limited, but availability degradation could have cascading effects on business operations and public safety communications.

To mitigate this vulnerability, European organizations should prioritize the following actions: 1) Identify and inventory all devices using affected MediaTek modem chipsets, including smartphones, IoT devices, and embedded systems. 2) Apply vendor-provided patches or firmware updates as soon as they become available, referencing the patch ID MOLY01726634 and issue ID MSV-5728. 3) Implement network monitoring to detect and block rogue base stations or suspicious cellular network behavior using IMSI catchers or similar detection tools. 4) Employ mobile device management (MDM) solutions to enforce timely updates and restrict connections to untrusted networks. 5) Educate users and administrators about the risks of connecting to unknown cellular networks, especially in sensitive or high-risk locations. 6) Collaborate with telecom providers to enhance detection and mitigation of rogue base stations within organizational environments. 7) For critical infrastructure, consider fallback communication methods or redundancy to maintain availability during potential disruptions. These steps go beyond generic advice by focusing on proactive detection of rogue base stations and strict update management tailored to the affected modem chipsets.