CVE-2026-20460
Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
01/07/2026
Last modified:
01/07/2026
Description
In Modem, there is a possible information disclosure due to improper input validation. This could lead to remote information disclosure, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01811421; Issue ID: MSV-6788.
Impact
Base Score 3.x
5.30
Severity 3.x
MEDIUM



