Out-of-Bounds Write Vulnerability in Mediatek Modem
CVE-2025-20726
Key Information:
- Vendor
MediaTek
- Vendor
- CVE Published:
- 4 November 2025
What is CVE-2025-20726?
In Mediatek's Modem, a critical security flaw allows for an out-of-bounds write due to inadequate bounds checking. This vulnerability poses a risk of remote privilege escalation, particularly in scenarios where a user equipment (UE) connects to a malicious base station operated by an attacker. The exploitation of this vulnerability does not require user interaction, making it a significant concern for affected systems. A patch has been released to address this issue, and users are advised to update their systems promptly to mitigate the risks.
Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.
Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.
Affected Version(s)
MT2735, MT2737, MT6739, MT6761, MT6762, MT6762D, MT6762M, MT6763, MT6765, MT6765T, MT6767, MT6768, MT6769, MT6769K, MT6769S, MT6769T, MT6769Z, MT6771, MT6813, MT6833, MT6833P, MT6835, MT6835T, MT6853, MT6853T, MT6855, MT6855T, MT6873, MT6875, MT6875T, MT6877, MT6877T, MT6877TT, MT6878, MT6878M, MT6879, MT6880, MT6883, MT6885, MT6886, MT6889, MT6890, MT6891, MT6893, MT6895, MT6895TT, MT6896, MT6897, MT6899, MT6980, MT6980D, MT6983, MT6983T, MT6985, MT6985T, MT6989, MT6989T, MT6990, MT6991, MT8666, MT8667, MT8673, MT8675, MT8676, MT8678, MT8765, MT8766, MT8766R, MT8768, MT8771, MT8786, MT8788, MT8788E, MT8791, MT8791T, MT8792, MT8793, MT8795T, MT8797, MT8798, MT8863, MT8873, MT8883, MT8893 Modem LR12A, NR15, NR16, NR17, NR17R
References
CVSS V3.1
Timeline
Vulnerability published
Vulnerability Reserved