All intelligence
// vulnerability record
cached · NVD via COSMOS syncCVE-2026-20458
HIGHpublished 2026-07-01 04:17 UTC · 3 days ago · modified 2026-07-02 05:16 UTC
7.5
CVSS / 10
// description
In Modem, there is a possible memory corruption due to a missing bounds check. This could lead to remote escalation of privilege, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01402160; Issue ID: MSV-7298.
// weaknesses (CWE)
- CWE-787