CVE-2026-20463
MediumCVSS 6.7Exploitation Probability (EPSS)
Low risk2th percentile — higher than 2% of all known CVEs
Summary
In the Modem module, a vulnerability was found that allows privilege escalation through a permissions bypass. This can be exploited locally if the attacker already has System privileges. User interaction is not required for exploitation.
Risk Assessment
The risk involves an attacker with existing System privileges being able to gain higher privileges, potentially leading to full device compromise.
Recommendation
It is recommended to immediately apply patch MOLY01716533 provided by the vendor. Update the modem software to the latest version.
Original NVD description (English source)
In Modem, there is a possible escalation of privilege due to a permissions bypass. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: MOLY01716533; Issue ID: MSV-6309.

