MediaTek Lr13

Don't miss out!

Thousands of developers use stack.watch to stay informed.
Get an email whenever new security vulnerabilities are reported in MediaTek Lr13.

By the Year

In 2026 there have been 0 vulnerabilities in MediaTek Lr13. Last year, in 2025 Lr13 had 3 security vulnerabilities published. Right now, Lr13 is on track to have less security vulnerabilities in 2026 than it did last year.

Year	Vulnerabilities	Average Score
2026	0	0.00
2025	3	6.50
2024	3	8.25
2023	1	9.80
2022	1	7.50

It may take a day or so for new Lr13 vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally vulnerabilities may be tagged under a different product or component name.

Recent MediaTek Lr13 Security Vulnerabilities

IMS Service Crash Vulnerability Allows Remote DoS via Rogue Base Station
CVE-2025-20678 6.5 - Medium - June 02, 2025

In ims service, there is a possible system crash due to incorrect error handling. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01394606; Issue ID: MSV-2739.

Stack Exhaustion

Modem IE via error handling in rogue base station
CVE-2025-20667 6.5 - Medium - May 05, 2025

In Modem, there is a possible information disclosure due to incorrect error handling. This could lead to remote information disclosure, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01513293; Issue ID: MSV-2741.

Inadequate Encryption Strength

Modem Remote DoS via Logic Error
CVE-2024-20150 - January 06, 2025

In Modem, there is a possible system crash due to a logic error. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01412526; Issue ID: MSV-2018.

Marshaling, Unmarshaling

Modem Firmware OOB Write Enables Remote RCE
CVE-2024-20039 - April 01, 2024

In modem protocol, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01240012; Issue ID: MSV-1215.

Out-of-Bounds Write in Modem IMS Stack Enables Remote Code Execution
CVE-2023-32874 9.8 - Critical - January 02, 2024

In Modem IMS Stack, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01161803; Issue ID: MOLY01161803 (MSV-893).

Memory Corruption

Windows Bluetooth Service OOB Write Local Priv Escalation
CVE-2023-32891 6.7 - Medium - January 02, 2024

In bluetooth service, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07933038; Issue ID: MSV-559.

Memory Corruption

Out-of-Bounds Write in CDMA PPP: Remote Privilege Escalation
CVE-2023-20819 9.8 - Critical - October 02, 2023

In CDMA PPP protocol, there is a possible out of bounds write due to a missing bounds check. This could lead to remote escalation of privilege with no additional execution privilege needed. User interaction is not needed for exploitation. Patch ID: MOLY01068234; Issue ID: ALPS08010003.

Memory Corruption

4G Modem RRC DoS via invalid SIB12 input validation
CVE-2022-26446 7.5 - High - November 08, 2022

In Modem 4G RRC, there is a possible system crash due to improper input validation. This could lead to remote denial of service, when concatenating improper SIB12 (CMAS message), with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY00867883; Issue ID: ALPS07274118.

assertion failure

Stay on top of Security Vulnerabilities

Want an email whenever new vulnerabilities are published for MediaTek Lr13 or by MediaTek? Click the Watch button to subscribe.

MediaTek
Vendor

MediaTek Lr13
Product

MediaTek Lr13

Don't miss out!

By the Year

Recent MediaTek Lr13 Security Vulnerabilities

IMS Service Crash Vulnerability Allows Remote DoS via Rogue Base Station CVE-2025-20678 6.5 - Medium - June 02, 2025

Modem IE via error handling in rogue base station CVE-2025-20667 6.5 - Medium - May 05, 2025

Modem Remote DoS via Logic Error CVE-2024-20150 - January 06, 2025

Modem Firmware OOB Write Enables Remote RCE CVE-2024-20039 - April 01, 2024

Out-of-Bounds Write in Modem IMS Stack Enables Remote Code Execution CVE-2023-32874 9.8 - Critical - January 02, 2024

Windows Bluetooth Service OOB Write Local Priv Escalation CVE-2023-32891 6.7 - Medium - January 02, 2024

Out-of-Bounds Write in CDMA PPP: Remote Privilege Escalation CVE-2023-20819 9.8 - Critical - October 02, 2023

4G Modem RRC DoS via invalid SIB12 input validation CVE-2022-26446 7.5 - High - November 08, 2022

Stay on top of Security Vulnerabilities

MediaTek Vendor

MediaTek Lr13Product

IMS Service Crash Vulnerability Allows Remote DoS via Rogue Base Station
CVE-2025-20678 6.5 - Medium - June 02, 2025

Modem IE via error handling in rogue base station
CVE-2025-20667 6.5 - Medium - May 05, 2025

Modem Remote DoS via Logic Error
CVE-2024-20150 - January 06, 2025

Modem Firmware OOB Write Enables Remote RCE
CVE-2024-20039 - April 01, 2024

Out-of-Bounds Write in Modem IMS Stack Enables Remote Code Execution
CVE-2023-32874 9.8 - Critical - January 02, 2024

Windows Bluetooth Service OOB Write Local Priv Escalation
CVE-2023-32891 6.7 - Medium - January 02, 2024

Out-of-Bounds Write in CDMA PPP: Remote Privilege Escalation
CVE-2023-20819 9.8 - Critical - October 02, 2023

4G Modem RRC DoS via invalid SIB12 input validation
CVE-2022-26446 7.5 - High - November 08, 2022

MediaTek
Vendor

MediaTek Lr13
Product