CVE Catalog

CVE-2026-20463

MediumCVSS 6.7
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.11%

2th percentile — higher than 2% of all known CVEs

Summary

In the Modem module, a vulnerability was found that allows privilege escalation through a permissions bypass. This can be exploited locally if the attacker already has System privileges. User interaction is not required for exploitation.

Risk Assessment

The risk involves an attacker with existing System privileges being able to gain higher privileges, potentially leading to full device compromise.

Recommendation

It is recommended to immediately apply patch MOLY01716533 provided by the vendor. Update the modem software to the latest version.

Original NVD description (English source)

In Modem, there is a possible escalation of privilege due to a permissions bypass. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: MOLY01716533; Issue ID: MSV-6309.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS