Out-of-Bounds Write Vulnerability in Mediatek Modem
CVE-2025-20726
Key Information:
- Vendor
MediaTek
- Vendor
- CVE Published:
- 4 November 2025
What is CVE-2025-20726?
In Mediatek's Modem, a critical security flaw allows for an out-of-bounds write due to inadequate bounds checking. This vulnerability poses a risk of remote privilege escalation, particularly in scenarios where a user equipment (UE) connects to a malicious base station operated by an attacker. The exploitation of this vulnerability does not require user interaction, making it a significant concern for affected systems. A patch has been released to address this issue, and users are advised to update their systems promptly to mitigate the risks.
Affected Version(s)
MT2735, MT2737, MT6739, MT6761, MT6762, MT6762D, MT6762M, MT6763, MT6765, MT6765T, MT6767, MT6768, MT6769, MT6769K, MT6769S, MT6769T, MT6769Z, MT6771, MT6813, MT6833, MT6833P, MT6835, MT6835T, MT6853, MT6853T, MT6855, MT6855T, MT6873, MT6875, MT6875T, MT6877, MT6877T, MT6877TT, MT6878, MT6878M, MT6879, MT6880, MT6883, MT6885, MT6886, MT6889, MT6890, MT6891, MT6893, MT6895, MT6895TT, MT6896, MT6897, MT6899, MT6980, MT6980D, MT6983, MT6983T, MT6985, MT6985T, MT6989, MT6989T, MT6990, MT6991, MT8666, MT8667, MT8673, MT8675, MT8676, MT8678, MT8765, MT8766, MT8766R, MT8768, MT8771, MT8786, MT8788, MT8788E, MT8791, MT8791T, MT8792, MT8793, MT8795T, MT8797, MT8798, MT8863, MT8873, MT8883, MT8893 Modem LR12A, NR15, NR16, NR17, NR17R