Details of VAR-202603-0071

ID

VAR-202603-0071

CVE

CVE-2026-20434

TITLE

media tech's LR12A Out-of-bounds write vulnerabilities in multiple products, including

Trust: 0.8

sources: JVNDB: JVNDB-2026-005807

DESCRIPTION

In Modem, there is a possible out of bounds write due to a missing bounds check. This could lead to remote escalation of privilege, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: MOLY00782946; Issue ID: MSV-4135. ID teeth MOLY00782946 ,problem ID teeth MSV-4135 is.All information handled by the software may be leaked to the outside. All information handled by the software may be rewritten. Furthermore, the software may stop working completely. Furthermore, attacks that exploit this vulnerability will not affect other software

Trust: 1.62

sources: NVD: CVE-2026-20434 // JVNDB: JVNDB-2026-005807

AFFECTED PRODUCTS

vendor:	mediatek	model:	nr16	scope:	eq	version:	-	Trust: 1.0
vendor:	mediatek	model:	lr12a	scope:	eq	version:	-	Trust: 1.0
vendor:	mediatek	model:	nr17	scope:	eq	version:	-	Trust: 1.0
vendor:	mediatek	model:	lr13	scope:	eq	version:	-	Trust: 1.0
vendor:	mediatek	model:	nr15	scope:	eq	version:	-	Trust: 1.0
vendor:	メディアテック	model:	lr13	scope:	-	version:	-	Trust: 0.8
vendor:	メディアテック	model:	lr12a	scope:	-	version:	-	Trust: 0.8
vendor:	メディアテック	model:	nr17	scope:	-	version:	-	Trust: 0.8
vendor:	メディアテック	model:	nr16	scope:	-	version:	-	Trust: 0.8
vendor:	メディアテック	model:	nr15	scope:	-	version:	-	Trust: 0.8

sources: JVNDB: JVNDB-2026-005807 // NVD: CVE-2026-20434

CVSS

SEVERITY

CVSSV2

CVSSV3

134c704f-9b21-4f2e-91b3-4a467353bcc0:	CVE-2026-20434
value:	HIGH
Trust: 1.0
OTHER:	JVNDB-2026-005807
value:	HIGH
Trust: 0.8

134c704f-9b21-4f2e-91b3-4a467353bcc0:	CVE-2026-20434
baseSeverity:	HIGH
baseScore:	7.5
vectorString:	CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector:	ADJACENT
attackComplexity:	HIGH
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	1.6
impactScore:	5.9
version:	3.1
Trust: 1.0
OTHER:	JVNDB-2026-005807
baseSeverity:	HIGH
baseScore:	7.5
vectorString:	CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector:	ADJACENT NETWORK
attackComplexity:	HIGH
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: JVNDB: JVNDB-2026-005807 // NVD: CVE-2026-20434

PROBLEMTYPE DATA

problemtype:	CWE-787	Trust: 1.0
problemtype:	Out-of-bounds writing (CWE-787) [ others ]	Trust: 0.8

sources: JVNDB: JVNDB-2026-005807 // NVD: CVE-2026-20434

PATCH

title:

March 2026

url:

https://corp.mediatek.com/product-security-bulletin/March-2026

Trust: 0.8

sources: JVNDB: JVNDB-2026-005807

EXTERNAL IDS

db:	NVD	id:	CVE-2026-20434	Trust: 2.6
db:	JVNDB	id:	JVNDB-2026-005807	Trust: 0.8

sources: JVNDB: JVNDB-2026-005807 // NVD: CVE-2026-20434

REFERENCES

url:	https://corp.mediatek.com/product-security-bulletin/march-2026	Trust: 1.0
url:	https://nvd.nist.gov/vuln/detail/cve-2026-20434	Trust: 0.8

sources: JVNDB: JVNDB-2026-005807 // NVD: CVE-2026-20434

SOURCES

db:	JVNDB	id:	JVNDB-2026-005807
db:	NVD	id:	CVE-2026-20434

LAST UPDATE DATE

2026-03-05T23:43:43.098000+00:00

SOURCES UPDATE DATE

db:	JVNDB	id:	JVNDB-2026-005807	date:	2026-03-04T03:06:00
db:	NVD	id:	CVE-2026-20434	date:	2026-03-02T22:04:18.130

SOURCES RELEASE DATE

db:	JVNDB	id:	JVNDB-2026-005807	date:	2026-03-04T00:00:00
db:	NVD	id:	CVE-2026-20434	date:	2026-03-02T09:16:16.460