Cyber Resilience

CVE-2026-20401

High

Published: 02 February 2026

Published
02 February 2026
Modified
17 February 2026
KEV Added
Patch
CVSS Score v3.1 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS Score 0.0014 34.2th percentile
Risk Priority 15 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2026-20401 is a high-severity Reachable Assertion (CWE-617) vulnerability in Mediatek Nr15. Its CVSS base score is 7.5 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Application or System Exploitation (T1499.004); ranked at the 34.2th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 SI-11 (Error Handling) and SI-2 (Flaw Remediation).

Deeper analysis

CVE-2026-20401 is a vulnerability in the Modem component that allows a possible system crash due to an uncaught exception. It affects devices incorporating vulnerable MediaTek modems, as detailed in the vendor's product security bulletin.

The vulnerability can be exploited remotely by an attacker who controls a rogue base station. When user equipment (UE) connects to the rogue base station, the uncaught exception triggers a system crash, resulting in a denial of service (DoS). Exploitation requires no additional execution privileges or user interaction. The CVSS v3.1 base score is 7.5 (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H), with associated weakness enumerations CWE-617 (Reachable Assertion) and CWE-754 (Improper Check for Unusual or Exceptional Conditions).

MediaTek's February 2026 product security bulletin at https://corp.mediatek.com/product-security-bulletin/February-2026 provides mitigation guidance, including patch MOLY01738310 for issue MSV-5933. Affected vendors and device manufacturers should apply this patch to remediate the vulnerability.

EU & UK References

Vulnerability details

In Modem, there is a possible system crash due to an uncaught exception. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges…

more

needed. User interaction is not needed for exploitation. Patch ID: MOLY01738310; Issue ID: MSV-5933.

CWE(s)

Related Threats

MITRE ATT&CK Enterprise TechniquesAI

T1499.004 Application or System Exploitation Impact
Adversaries may exploit software vulnerabilities that can cause an application or system to crash and deny availability to users.
Why these techniques?

Vulnerability enables remote system crash via uncaught exception (reachable assertion) when connecting to rogue base station, directly matching application/system exploitation for endpoint DoS.

Confidence: HIGH · MITRE ATT&CK Enterprise v18.1

CVEs Like This One

CVE-2025-20637Same vendor: Mediatek
CVE-2024-20150Same product: Mediatek Mt2735
CVE-2024-20149Same product: Mediatek Mt2735
CVE-2025-20708Same product: Mediatek Mt2735
CVE-2026-23991Shared CWE-617, CWE-754
CVE-2025-20727Same product: Mediatek Mt2735
CVE-2026-20434Same product: Mediatek Mt2735
CVE-2026-20432Same product: Mediatek Mt2735
CVE-2026-20433Same product: Mediatek Mt2735
CVE-2026-20455Same product: Mediatek Mt6853

Affected Assets

mediatek
nr15
all versions

Mitigating Controls

Mitigating Controls (NIST 800-53 r5) AI

prevent

Directly remediates the uncaught exception vulnerability by applying the vendor-provided patch MOLY01738310 to the MediaTek modem firmware.

prevent

Ensures the modem properly detects and handles exceptional conditions from rogue base stations, preventing system crashes due to CWE-617 and CWE-754 weaknesses.

prevent

Protects system availability against remote denial-of-service attacks triggered by malformed inputs from rogue base stations causing modem crashes.

References