{"api_version":"1","generated_at":"2026-04-23T01:54:14+00:00","cve":"CVE-2026-20431","urls":{"html":"https://cve.report/CVE-2026-20431","api":"https://cve.report/api/cve/CVE-2026-20431.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2026-20431","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2026-20431"},"summary":{"title":"CVE-2026-20431","description":"In Modem, there is a possible system crash due to a logic error. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01106496; Issue ID: MSV-4467.","state":"PUBLISHED","assigner":"MediaTek","published_at":"2026-04-07 04:16:59","updated_at":"2026-04-10 19:58:43"},"problem_types":["CWE-770","CWE-770 CWE-770 Allocation of Resources Without Limits or Throttling","CWE-noinfo Not enough information"],"metrics":[{"version":"3.1","source":"ADP","type":"DECLARED","score":"6.5","severity":"MEDIUM","vector":"CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","data":{"attackComplexity":"LOW","attackVector":"ADJACENT_NETWORK","availabilityImpact":"HIGH","baseScore":6.5,"baseSeverity":"MEDIUM","confidentialityImpact":"NONE","integrityImpact":"NONE","privilegesRequired":"NONE","scope":"UNCHANGED","userInteraction":"NONE","vectorString":"CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","version":"3.1"}},{"version":"3.1","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","score":"6.5","severity":"MEDIUM","vector":"CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","data":{"version":"3.1","vectorString":"CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"ADJACENT_NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"}}],"references":[{"url":"https://corp.mediatek.com/product-security-bulletin/April-2026","name":"https://corp.mediatek.com/product-security-bulletin/April-2026","refsource":"security@mediatek.com","tags":["Vendor Advisory"],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://www.cve.org/CVERecord?id=CVE-2026-20431","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2026-20431","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[{"source":"CNA","vendor":"MediaTek, Inc.","product":"MediaTek chipset","version":"affected MT6813","platforms":[]},{"source":"CNA","vendor":"MediaTek, Inc.","product":"MediaTek chipset","version":"affected MT6815","platforms":[]},{"source":"CNA","vendor":"MediaTek, Inc.","product":"MediaTek chipset","version":"affected MT6835","platforms":[]},{"source":"CNA","vendor":"MediaTek, Inc.","product":"MediaTek chipset","version":"affected MT6878","platforms":[]},{"source":"CNA","vendor":"MediaTek, Inc.","product":"MediaTek chipset","version":"affected MT6897","platforms":[]},{"source":"CNA","vendor":"MediaTek, Inc.","product":"MediaTek chipset","version":"affected MT6899","platforms":[]},{"source":"CNA","vendor":"MediaTek, Inc.","product":"MediaTek chipset","version":"affected MT6986","platforms":[]},{"source":"CNA","vendor":"MediaTek, Inc.","product":"MediaTek chipset","version":"affected MT6991","platforms":[]},{"source":"CNA","vendor":"MediaTek, Inc.","product":"MediaTek chipset","version":"affected MT6993","platforms":[]},{"source":"CNA","vendor":"MediaTek, Inc.","product":"MediaTek chipset","version":"affected MT8668","platforms":[]},{"source":"CNA","vendor":"MediaTek, Inc.","product":"MediaTek chipset","version":"affected MT8676","platforms":[]},{"source":"CNA","vendor":"MediaTek, Inc.","product":"MediaTek chipset","version":"affected MT8678","platforms":[]},{"source":"CNA","vendor":"MediaTek, Inc.","product":"MediaTek chipset","version":"affected MT8755","platforms":[]},{"source":"CNA","vendor":"MediaTek, Inc.","product":"MediaTek chipset","version":"affected MT8775","platforms":[]},{"source":"CNA","vendor":"MediaTek, Inc.","product":"MediaTek chipset","version":"affected MT8792","platforms":[]},{"source":"CNA","vendor":"MediaTek, Inc.","product":"MediaTek chipset","version":"affected MT8793","platforms":[]},{"source":"CNA","vendor":"MediaTek, Inc.","product":"MediaTek chipset","version":"affected MT8863","platforms":[]},{"source":"CNA","vendor":"MediaTek, Inc.","product":"MediaTek chipset","version":"affected MT8873","platforms":[]},{"source":"CNA","vendor":"MediaTek, Inc.","product":"MediaTek chipset","version":"affected MT8883","platforms":[]}],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2026","cve_id":"20431","vulnerable":"0","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"mediatek","cpe5":"mt6813","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2026","cve_id":"20431","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"mediatek","cpe5":"mt6813_firmware","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2026","cve_id":"20431","vulnerable":"0","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"mediatek","cpe5":"mt6815","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2026","cve_id":"20431","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"mediatek","cpe5":"mt6815_firmware","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2026","cve_id":"20431","vulnerable":"0","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"mediatek","cpe5":"mt6835","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2026","cve_id":"20431","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"mediatek","cpe5":"mt6835_firmware","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2026","cve_id":"20431","vulnerable":"0","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"mediatek","cpe5":"mt6878","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2026","cve_id":"20431","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"mediatek","cpe5":"mt6878_firmware","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2026","cve_id":"20431","vulnerable":"0","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"mediatek","cpe5":"mt6897","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2026","cve_id":"20431","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"mediatek","cpe5":"mt6897_firmware","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2026","cve_id":"20431","vulnerable":"0","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"mediatek","cpe5":"mt6899","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2026","cve_id":"20431","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"mediatek","cpe5":"mt6899_firmware","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2026","cve_id":"20431","vulnerable":"0","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"mediatek","cpe5":"mt6986","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2026","cve_id":"20431","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"mediatek","cpe5":"mt6986_firmware","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2026","cve_id":"20431","vulnerable":"0","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"mediatek","cpe5":"mt6991","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2026","cve_id":"20431","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"mediatek","cpe5":"mt6991_firmware","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2026","cve_id":"20431","vulnerable":"0","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"mediatek","cpe5":"mt6993","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2026","cve_id":"20431","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"mediatek","cpe5":"mt6993_firmware","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2026","cve_id":"20431","vulnerable":"0","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"mediatek","cpe5":"mt8668","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2026","cve_id":"20431","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"mediatek","cpe5":"mt8668_firmware","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2026","cve_id":"20431","vulnerable":"0","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"mediatek","cpe5":"mt8676","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2026","cve_id":"20431","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"mediatek","cpe5":"mt8676_firmware","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2026","cve_id":"20431","vulnerable":"0","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"mediatek","cpe5":"mt8678","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2026","cve_id":"20431","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"mediatek","cpe5":"mt8678_firmware","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2026","cve_id":"20431","vulnerable":"0","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"mediatek","cpe5":"mt8755","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2026","cve_id":"20431","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"mediatek","cpe5":"mt8755_firmware","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2026","cve_id":"20431","vulnerable":"0","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"mediatek","cpe5":"mt8775","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2026","cve_id":"20431","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"mediatek","cpe5":"mt8775_firmware","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2026","cve_id":"20431","vulnerable":"0","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"mediatek","cpe5":"mt8792","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2026","cve_id":"20431","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"mediatek","cpe5":"mt8792_firmware","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2026","cve_id":"20431","vulnerable":"0","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"mediatek","cpe5":"mt8793","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2026","cve_id":"20431","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"mediatek","cpe5":"mt8793_firmware","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2026","cve_id":"20431","vulnerable":"0","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"mediatek","cpe5":"mt8863","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2026","cve_id":"20431","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"mediatek","cpe5":"mt8863_firmware","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2026","cve_id":"20431","vulnerable":"0","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"mediatek","cpe5":"mt8873","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2026","cve_id":"20431","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"mediatek","cpe5":"mt8873_firmware","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2026","cve_id":"20431","vulnerable":"0","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"mediatek","cpe5":"mt8883","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2026","cve_id":"20431","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"mediatek","cpe5":"mt8883_firmware","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":{"cve_year":"2026","cve_id":"20431","cve":"CVE-2026-20431","epss":"0.000610000","percentile":"0.189240000","score_date":"2026-04-15","updated_at":"2026-04-16 00:13:57"},"legacy_qids":[]},"source_records":{"cve_program":{"containers":{"adp":[{"metrics":[{"cvssV3_1":{"attackComplexity":"LOW","attackVector":"ADJACENT_NETWORK","availabilityImpact":"HIGH","baseScore":6.5,"baseSeverity":"MEDIUM","confidentialityImpact":"NONE","integrityImpact":"NONE","privilegesRequired":"NONE","scope":"UNCHANGED","userInteraction":"NONE","vectorString":"CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","version":"3.1"}},{"other":{"content":{"id":"CVE-2026-20431","options":[{"Exploitation":"none"},{"Automatable":"no"},{"Technical Impact":"partial"}],"role":"CISA Coordinator","timestamp":"2026-04-07T12:59:15.295899Z","version":"2.0.3"},"type":"ssvc"}}],"problemTypes":[{"descriptions":[{"description":"CWE-noinfo Not enough information","lang":"en","type":"CWE"}]}],"providerMetadata":{"dateUpdated":"2026-04-07T12:59:17.543Z","orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP"},"title":"CISA ADP Vulnrichment"}],"cna":{"affected":[{"defaultStatus":"unaffected","product":"MediaTek chipset","vendor":"MediaTek, Inc.","versions":[{"status":"affected","version":"MT6813"},{"status":"affected","version":"MT6815"},{"status":"affected","version":"MT6835"},{"status":"affected","version":"MT6878"},{"status":"affected","version":"MT6897"},{"status":"affected","version":"MT6899"},{"status":"affected","version":"MT6986"},{"status":"affected","version":"MT6991"},{"status":"affected","version":"MT6993"},{"status":"affected","version":"MT8668"},{"status":"affected","version":"MT8676"},{"status":"affected","version":"MT8678"},{"status":"affected","version":"MT8755"},{"status":"affected","version":"MT8775"},{"status":"affected","version":"MT8792"},{"status":"affected","version":"MT8793"},{"status":"affected","version":"MT8863"},{"status":"affected","version":"MT8873"},{"status":"affected","version":"MT8883"}]}],"descriptions":[{"lang":"en","value":"In Modem, there is a possible system crash due to a logic error. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01106496; Issue ID: MSV-4467."}],"problemTypes":[{"descriptions":[{"cweId":"CWE-770","description":"CWE-770 Allocation of Resources Without Limits or Throttling","lang":"en","type":"CWE"}]}],"providerMetadata":{"dateUpdated":"2026-04-07T03:25:28.491Z","orgId":"ee979b05-11f8-4f25-a7e0-a1fa9c190374","shortName":"MediaTek"},"references":[{"url":"https://corp.mediatek.com/product-security-bulletin/April-2026"}],"x_generator":{"engine":"cvelib 1.8.0"}}},"cveMetadata":{"assignerOrgId":"ee979b05-11f8-4f25-a7e0-a1fa9c190374","assignerShortName":"MediaTek","cveId":"CVE-2026-20431","datePublished":"2026-04-07T03:25:28.491Z","dateReserved":"2025-11-03T01:30:59.011Z","dateUpdated":"2026-04-07T12:59:17.543Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.2"},"nvd":{"publishedDate":"2026-04-07 04:16:59","lastModifiedDate":"2026-04-10 19:58:43","problem_types":["CWE-770","CWE-770 CWE-770 Allocation of Resources Without Limits or Throttling","CWE-noinfo Not enough information"],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"ADJACENT_NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":3.6}]},"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:mediatek:mt6813_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"0E1CB25C-4643-4239-AE47-B5AE876416ED"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:mediatek:mt6813:-:*:*:*:*:*:*:*","matchCriteriaId":"66F9EAE4-F1D7-46DB-AA2A-0290F6EF0501"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:mediatek:mt6815_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"6FE3EEC2-1B07-40FA-90CA-3209C3578FA2"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:mediatek:mt6815:-:*:*:*:*:*:*:*","matchCriteriaId":"B7122918-8C44-4F24-82E4-B8448247FC83"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:mediatek:mt6835_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"00B1D726-8183-4667-B46D-18EF110EA9D9"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:mediatek:mt6835:-:*:*:*:*:*:*:*","matchCriteriaId":"19A63103-C708-48EC-B44D-5E465A6B79C5"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:mediatek:mt6878_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"207954E6-D413-4762-9F4A-3A147CFB4FE2"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:mediatek:mt6878:-:*:*:*:*:*:*:*","matchCriteriaId":"855A8046-34ED-4891-ACE5-76AB10AC8D53"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:mediatek:mt6897_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"A04EA650-730F-4E5D-A0E0-90570CACDD5E"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:mediatek:mt6897:-:*:*:*:*:*:*:*","matchCriteriaId":"2A7D8055-F4B6-41EE-A078-11D56285AB66"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:mediatek:mt6899_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"BEBA484A-EC07-4D3D-80CD-BDE9E7807F71"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:mediatek:mt6899:-:*:*:*:*:*:*:*","matchCriteriaId":"C6E9F80F-9AC9-41E0-BB14-9DB6F14B62CD"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:mediatek:mt6986_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"17581EC0-D68B-4EA3-845C-366C4A65FC6B"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:mediatek:mt6986:-:*:*:*:*:*:*:*","matchCriteriaId":"1F419FE2-2D6D-48EE-9B6C-E88AC5D44186"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:mediatek:mt6991_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"D9DD2119-39E8-4A9C-8E2A-8FB7F92A1001"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:mediatek:mt6991:-:*:*:*:*:*:*:*","matchCriteriaId":"CBBB30DF-E963-4940-B742-F6801F68C3FC"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:mediatek:mt6993_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"FAEB2240-FF37-4CBE-BBEF-8A8281153646"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:mediatek:mt6993:-:*:*:*:*:*:*:*","matchCriteriaId":"57E92BE0-5E65-4770-8E1A-0E5D07A38164"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:mediatek:mt8668_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"3EAACB56-716C-4E17-AB78-F5E68B75B791"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:mediatek:mt8668:-:*:*:*:*:*:*:*","matchCriteriaId":"2589C222-3D62-4BDB-98F2-5F1E38600D8D"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:mediatek:mt8676_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"645D7C99-A0A0-4FB0-97AC-3DA5161A44D9"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:mediatek:mt8676:-:*:*:*:*:*:*:*","matchCriteriaId":"EE302F6F-170E-4350-A8F4-65BE0C50CB78"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:mediatek:mt8678_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"CFEC7A7B-6948-4B8A-BFA1-9F9D07043605"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:mediatek:mt8678:-:*:*:*:*:*:*:*","matchCriteriaId":"152A5F3D-8004-4649-BDB1-E6F0798AF1CB"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:mediatek:mt8755_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"6B49A54E-B0C5-45C4-8396-5E6A2613E3B1"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:mediatek:mt8755:-:*:*:*:*:*:*:*","matchCriteriaId":"1CF88096-5CBD-4A4B-8F47-33D38985956F"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:mediatek:mt8775_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"FAA319BC-2689-497C-8D7D-482CD2AD89A1"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:mediatek:mt8775:-:*:*:*:*:*:*:*","matchCriteriaId":"DE5FB550-7264-4879-BAF9-6798949113AF"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:mediatek:mt8792_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"AE904A76-14A2-41D5-86FF-BCA686342E85"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:mediatek:mt8792:-:*:*:*:*:*:*:*","matchCriteriaId":"336FC69E-E89F-4642-B6B9-8009D9A2BD52"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:mediatek:mt8793_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"42C2F52D-C49C-4AFF-B6FA-FFA82EF96142"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:mediatek:mt8793:-:*:*:*:*:*:*:*","matchCriteriaId":"2FBD3487-F8CE-406C-8BD7-DD57FF8CD60B"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:mediatek:mt8863_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"03A3F0E1-3226-4CB5-AE9F-BDA327590107"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:mediatek:mt8863:-:*:*:*:*:*:*:*","matchCriteriaId":"77E0D738-F0B9-468F-8A10-204F498320BC"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:mediatek:mt8873_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"9D40337A-B78E-41CF-ADDC-A31190950F73"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:mediatek:mt8873:-:*:*:*:*:*:*:*","matchCriteriaId":"D6DD525F-7050-42BD-829D-1121698B8009"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:mediatek:mt8883_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"C5049DE8-5F0C-4E0D-85AE-F47CECE2DCE8"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:mediatek:mt8883:-:*:*:*:*:*:*:*","matchCriteriaId":"23DD8281-FEB4-4E23-8DDA-680FF895F12E"}]}]}]},"legacy_mitre":{"record":{"CveYear":"2026","CveId":"20431","Ordinal":"1","Title":"CVE-2026-20431","CVE":"CVE-2026-20431","Year":"2026"},"notes":[{"CveYear":"2026","CveId":"20431","Ordinal":"1","NoteData":"In Modem, there is a possible system crash due to a logic error. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01106496; Issue ID: MSV-4467.","Type":"Description","Title":"CVE-2026-20431"}]}}}