Description
In Modem, there is a possible system crash due to a heap buffer overflow. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01760138; Issue ID: MSV-6148.
Published: 2026-05-04
Score: 6.5 Medium
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

A heap buffer overflow in the Modem component of MediaTek chipsets can be triggered without any user interaction or elevated privileges, leading to a system crash that manifests as a denial of service for the connected user equipment. The vulnerability is identified as CWE-120 and requires no additional execution privileges to exploit. The explosion of the heap buffer can thus cause a full denial of service to the device.

Affected Systems

MediaTek, Inc. produces the affected chipsets. All firmware builds that include the unpatched Modem code are potentially vulnerable, and no specific firmware or hardware version information is provided in the advisory.

Risk and Exploitability

The CVE is classified as a remote denial of service. Based on the description, the attack is carried out over the air by a rogue base station that the user equipment connects to, so the likely attack vector is wireless. The CVSS score of 6.5 indicates moderate severity. The EPSS score of less than 1% implies that the probability of exploitation is low. The vulnerability is not listed in the CISA KEV catalog. Even though the exploitation is remote and requires no user action, the low EPSS coupled with moderate severity means patching should be prioritized.

Generated by OpenCVE AI on May 4, 2026 at 15:07 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Apply vendor supplied patch MOLY01760138 to all affected MediaTek chipset firmware installations.
  • Reconfigure base station authentication and certification mechanisms to reject connections from untrusted or rogue stations.
  • Employ continuous monitoring of OTA traffic for signatures of rogue base station activity and trigger alerts for anomalous behavior.
  • Restrict firmware updates to signed images and validate integrity before installation.

Generated by OpenCVE AI on May 4, 2026 at 15:07 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Mon, 04 May 2026 15:30:00 +0000

Type Values Removed Values Added
Title Modem Heap Buffer Overflow Causing Remote Denial of Service

Mon, 04 May 2026 13:15:00 +0000

Type Values Removed Values Added
Metrics cvssV3_1

{'score': 6.5, 'vector': 'CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H'}

ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Mon, 04 May 2026 08:15:00 +0000

Type Values Removed Values Added
First Time appeared Mediatek, Inc.
Mediatek, Inc. mediatek Chipset
Vendors & Products Mediatek, Inc.
Mediatek, Inc. mediatek Chipset

Mon, 04 May 2026 07:45:00 +0000

Type Values Removed Values Added
Title Modem Heap Buffer Overflow Causing Remote Denial of Service

Mon, 04 May 2026 06:45:00 +0000

Type Values Removed Values Added
Description In Modem, there is a possible system crash due to a heap buffer overflow. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01760138; Issue ID: MSV-6148.
Weaknesses CWE-120
References

Subscriptions

Mediatek, Inc. Mediatek Chipset
cve-icon MITRE

Status: PUBLISHED

Assigner: MediaTek

Published:

Updated: 2026-05-04T12:59:15.818Z

Reserved: 2025-11-03T01:30:59.013Z

Link: CVE-2026-20449

cve-icon Vulnrichment

Updated: 2026-05-04T12:59:05.581Z

cve-icon NVD

Status : Received

Published: 2026-05-04T07:15:59.610

Modified: 2026-05-04T14:16:32.390

Link: CVE-2026-20449

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-05-04T15:15:03Z

Weaknesses