Improper Input Validation in Mediatek Modem Leading to Remote Denial of Service
CVE-2025-20659
Key Information:
- Vendor
- MediaTek
- Vendor
- CVE Published:
- 7 April 2025
Summary
A vulnerability exists in Mediatek's Modem due to improper input validation that may result in a system crash. This flaw allows attackers to cause a remote denial of service by exploiting a connection to a malicious base station, without requiring any user interaction or additional execution privileges. This issue presents significant security risks for devices relying on this modem technology. A patch addressing this vulnerability is available, and users are encouraged to apply it promptly.
Affected Version(s)
MT2735, MT2737, MT6739, MT6761, MT6762, MT6762D, MT6762M, MT6763, MT6765, MT6765T, MT6767, MT6768, MT6769, MT6769K, MT6769S, MT6769T, MT6769Z, MT6771, MT6779, MT6781, MT6783, MT6785, MT6785T, MT6785U, MT6789, MT6813, MT6833, MT6833P, MT6835, MT6835T, MT6853, MT6853T, MT6855, MT6855T, MT6873, MT6875, MT6875T, MT6877, MT6877T, MT6877TT, MT6878, MT6878M, MT6879, MT6880, MT6883, MT6885, MT6886, MT6889, MT6890, MT6891, MT6893, MT6895, MT6895TT, MT6896, MT6897, MT6899, MT6980, MT6980D, MT6983, MT6983T, MT6985, MT6985T, MT6989, MT6989T, MT6990, MT6991, MT8666, MT8667, MT8673, MT8675, MT8676, MT8678, MT8765, MT8766, MT8768, MT8771, MT8781, MT8786, MT8788, MT8788E, MT8791T, MT8796, MT8797, MT8798, MT8863 Modem LR12A, LR13, NR15, NR16, NR17, NR17R
References
CVSS V3.1
Timeline
Vulnerability published
Vulnerability Reserved