Memory Corruption Vulnerability in Mediatek Modem Products
CVE-2025-20644

7.5HIGH

Key Information:

Vendor: MediaTek
Status: Mt2735, Mt2737, Mt6833, Mt6833p, Mt6853, Mt6853t, Mt6855, Mt6855t, Mt6873, Mt6875, Mt6875t, Mt6877, Mt6877t, Mt6877tt, Mt6879, Mt6880, Mt6883, Mt6885, Mt6886, Mt6889, Mt6890, Mt6891, Mt6893, Mt6895, Mt6895tt, Mt6896, Mt6980, Mt6980d, Mt6983, Mt6983t, Mt6985, Mt6985t, Mt6989, Mt6989t, Mt6990, Mt8673, Mt8791t, Mt8795t, Mt8798
Vendor: CVE Published:; 3 March 2025

Summary

A vulnerability exists in Mediatek Modem products that may allow an attacker to exploit improper error handling, leading to memory corruption. This can facilitate a remote denial of service when a user equipment (UE) connects to a malicious base station controlled by the attacker. Notably, no user interaction is necessary for the exploitation to occur, making it a significant concern for device security. This vulnerability is addressed in patch ID: MOLY01525673, identified as issue ID: MSV-2747.

Affected Version(s)

MT2735, MT2737, MT6833, MT6833P, MT6853, MT6853T, MT6855, MT6855T, MT6873, MT6875, MT6875T, MT6877, MT6877T, MT6877TT, MT6879, MT6880, MT6883, MT6885, MT6886, MT6889, MT6890, MT6891, MT6893, MT6895, MT6895TT, MT6896, MT6980, MT6980D, MT6983, MT6983T, MT6985, MT6985T, MT6989, MT6989T, MT6990, MT8673, MT8791T, MT8795T, MT8798 Modem NR15, NR16

References

https://corp.mediatek.com/product-security-bulletin/March...

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Mar 3, 2025
Vulnerability Reserved
Nov 1, 2024