CVE-2026-20460

Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
01/07/2026
Last modified:
01/07/2026

Description

In Modem, there is a possible information disclosure due to improper input validation. This could lead to remote information disclosure, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01811421; Issue ID: MSV-6788.

References to Advisories, Solutions, and Tools