CVE-2026-20405 – This vulnerability in MediaTek modems allows re... (How to Fix)

Q: What is the severity of CVE-2026-20405?

CVE-2026-20405 has a CVSS score of 7.5 (HIGH). This vulnerability in MediaTek modems allows remote denial of service through system crashes when devices connect to rogue base stations. Attackers can trigger crashes without user interaction or special privileges. Affects devices using vulnerable MediaTek modem firmware.

📋 TL;DR

This vulnerability in MediaTek modems allows remote denial of service through system crashes when devices connect to rogue base stations. Attackers can trigger crashes without user interaction or special privileges. Affects devices using vulnerable MediaTek modem firmware.

💻 Affected Systems

Products:

MediaTek modem chipsets

Versions: Specific firmware versions not publicly disclosed in CVE description

Operating Systems: Android and other mobile OS using MediaTek modems

Default Config Vulnerable: ⚠️ Yes

Notes: Affects devices when connected to cellular networks. Exact chipset models not specified in CVE.

⚠️ Risk & Real-World Impact

🔴

Worst Case

Permanent device bricking requiring hardware replacement, complete loss of cellular connectivity, and potential cascading failures in cellular networks.

🟠

Likely Case

Temporary device crashes requiring reboots, intermittent loss of cellular service, and degraded network performance in affected areas.

🟢

If Mitigated

Isolated device crashes with automatic recovery, minimal service disruption when proper network segmentation and monitoring are in place.

🌐 Internet-Facing: HIGH

🏢 Internal Only: LOW

🎯 Exploit Status

Public PoC: ✅ No

Weaponized: UNKNOWN

Unauthenticated Exploit: ⚠️ Yes

Complexity: MEDIUM

Requires setting up rogue base station (IMSI catcher/stingray) which requires specialized equipment and knowledge.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Firmware with patch ID MOLY01688495

Vendor Advisory: https://corp.mediatek.com/product-security-bulletin/February-2026

Restart Required: Yes

Instructions:

1. Check device manufacturer for firmware updates. 2. Apply MediaTek modem firmware update containing patch MOLY01688495. 3. Reboot device after update.

🔧 Temporary Workarounds

Disable automatic network selection

all

Manually select trusted network operators to prevent connection to rogue base stations

Enable airplane mode in untrusted areas

all

Disable cellular radio when in locations where rogue base stations might operate

🧯 If You Can't Patch

Deploy cellular network monitoring to detect rogue base stations
Implement device management policies to restrict connections to untrusted networks

🔍 How to Verify

Check if Vulnerable:

Check modem firmware version against MediaTek security bulletin or contact device manufacturer

Check Version:

Device-specific commands vary by manufacturer (check *#*#4636#*#* on some Android devices)

Verify Fix Applied:

Verify modem firmware version contains patch ID MOLY01688495

📡 Detection & Monitoring

Log Indicators:

Unexpected modem resets
Frequent base station switching
Modem crash logs

Network Indicators:

Devices connecting to unexpected cell towers
Unusual signal strength patterns
Multiple devices crashing simultaneously in same area

SIEM Query:

source="modem_logs" AND (event="crash" OR event="reset") AND NOT reason="normal"

📊 Metadata

CVE ID: CVE-2026-20405

CVSS v3 Score: 7.5 (HIGH)

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE: CWE-617

Published: February 2, 2026

Last Updated: February 4, 2026

🤖 AI-assisted analysis, reviewed for accuracy

🔗 References

https://corp.mediatek.com/product-security-bulletin/February-2026 Vendor Advisory