CVE-2026-20434
Published: 02 March 2026
Summary
CVE-2026-20434 is a high-severity Out-of-bounds Write (CWE-787) vulnerability in Mediatek Lr12A. Its CVSS base score is 7.5 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploitation for Privilege Escalation (T1068); ranked at the 22.1th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.
The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-16 (Memory Protection).
Deeper analysis
CVE-2026-20434 is an out-of-bounds write vulnerability (CWE-787) in the Modem component due to a missing bounds check. It affects MediaTek modem firmware, as detailed in the vendor's product security bulletin. Published on 2026-03-02, the issue carries a CVSS v3.1 base score of 7.5 (AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H) and is tracked under Patch ID MOLY00782946 and Issue ID MSV-4135.
Exploitation requires an attacker to control a rogue base station, with a user equipment (UE) connecting to it; user interaction is needed for the UE to connect. No additional execution privileges are required by the attacker. Successful exploitation could result in remote escalation of privilege, potentially allowing high confidentiality, integrity, and availability impacts.
MediaTek addresses the vulnerability with patch MOLY00782946. Additional mitigation details and affected products are outlined in the March 2026 product security bulletin at https://corp.mediatek.com/product-security-bulletin/March-2026.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2026-9159
Vulnerability details
In Modem, there is a possible out of bounds write due to a missing bounds check. This could lead to remote escalation of privilege, if a UE has connected to a rogue base station controlled by the attacker, with no…
more
additional execution privileges needed. User interaction is needed for exploitation. Patch ID: MOLY00782946; Issue ID: MSV-4135.
- CWE(s)
Related Threats
MITRE ATT&CK Enterprise TechniquesAI
Why these techniques?
Out-of-bounds write in modem firmware directly enables remote privilege escalation via rogue base station (explicitly stated in description).
CVEs Like This One
Affected Assets
Mitigating Controls
Mitigating Controls (NIST 800-53 r5) AI
Directly addresses the missing bounds check by requiring validation of information inputs from untrusted sources like a rogue base station to prevent out-of-bounds writes.
Implements memory safeguards such as stack canaries or DEP to protect against exploitation of the out-of-bounds write vulnerability leading to privilege escalation.
Ensures timely identification, testing, and deployment of patches like MOLY00782946 to remediate the specific flaw in MediaTek modem firmware.