CVE-2026-20401 – This vulnerability allows remote denial of serv... (How to Fix)

Q: What is the severity of CVE-2026-20401?

CVE-2026-20401 has a CVSS score of 7.5 (HIGH). This vulnerability allows remote denial of service attacks against mobile devices with affected MediaTek modems. An attacker can crash the system by connecting a device to a rogue base station, requiring no user interaction or special privileges. All devices using vulnerable MediaTek modem firmware are affected.

📋 TL;DR

This vulnerability allows remote denial of service attacks against mobile devices with affected MediaTek modems. An attacker can crash the system by connecting a device to a rogue base station, requiring no user interaction or special privileges. All devices using vulnerable MediaTek modem firmware are affected.

💻 Affected Systems

Products:

MediaTek modem chipsets

Versions: Specific firmware versions not specified in advisory

Operating Systems: Android and other mobile OS using MediaTek modems

Default Config Vulnerable: ⚠️ Yes

Notes: All devices with vulnerable MediaTek modem firmware are affected regardless of OS version or device manufacturer.

⚠️ Risk & Real-World Impact

🔴

Worst Case

Complete system crash requiring device reboot, potentially disrupting emergency communications and causing service outages for affected mobile devices.

🟠

Likely Case

Temporary denial of service affecting mobile connectivity until device reboot, with potential for repeated attacks causing persistent disruption.

🟢

If Mitigated

Limited impact with proper network controls preventing connection to rogue base stations, though risk remains in unsecured environments.

🌐 Internet-Facing: MEDIUM - Requires proximity to target and rogue base station setup, but no authentication or user interaction needed.

🏢 Internal Only: LOW - Typically requires physical proximity and specialized equipment to deploy rogue base station.

🎯 Exploit Status

Public PoC: ✅ No

Weaponized: UNKNOWN

Unauthenticated Exploit: ⚠️ Yes

Complexity: MEDIUM

Exploitation requires setting up rogue base station equipment and proximity to target devices, but no authentication or user interaction needed.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Patch ID: MOLY01738310

Vendor Advisory: https://corp.mediatek.com/product-security-bulletin/February-2026

Restart Required: Yes

Instructions:

1. Contact device manufacturer for firmware updates. 2. Apply MediaTek modem firmware patch MOLY01738310. 3. Reboot device after patch installation.

🔧 Temporary Workarounds

Disable automatic network selection

all

Manually select trusted network operators to prevent connection to rogue base stations

Enable airplane mode in untrusted areas

all

Disable cellular connectivity when in potentially compromised environments

🧯 If You Can't Patch

Implement network monitoring for rogue base station detection
Restrict device usage in high-risk environments or use alternative connectivity methods

🔍 How to Verify

Check if Vulnerable:

Check device modem firmware version against MediaTek security bulletin

Check Version:

Device-specific modem firmware check (varies by manufacturer)

Verify Fix Applied:

Verify patch MOLY01738310 is applied in modem firmware version

📡 Detection & Monitoring

Log Indicators:

Unexpected modem crashes
Base station connection failures
System reboot events

Network Indicators:

Connections to unknown base stations
Unusual cell tower behavior

SIEM Query:

Search for modem crash events or repeated cellular disconnections within short timeframes

📊 Metadata

CVE ID: CVE-2026-20401

CVSS v3 Score: 7.5 (HIGH)

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE: CWE-617

Published: February 2, 2026

Last Updated: February 4, 2026

🤖 AI-assisted analysis, reviewed for accuracy

🔗 References

https://corp.mediatek.com/product-security-bulletin/February-2026 Vendor Advisory