CVE-2023-32843

7.5 HIGH

📋 TL;DR

This vulnerability in 5G modem firmware allows remote attackers to cause a system crash (denial of service) by sending malformed RRC (Radio Resource Control) messages. No user interaction or special privileges are required for exploitation. It affects devices using MediaTek 5G modem chipsets with vulnerable firmware.

💻 Affected Systems

Products:
  • MediaTek 5G modem chipsets
Versions: Specific firmware versions not publicly detailed in advisory
Operating Systems: Embedded modem firmware
Default Config Vulnerable: ⚠️ Yes
Notes: Affects devices with vulnerable MediaTek 5G modem firmware; exact device models not specified in available advisory.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Permanent device bricking requiring hardware replacement, complete loss of cellular connectivity, and potential cascading failures in network infrastructure.

🟠 Likely Case

Temporary denial of service causing device reboot or modem reset, disrupting cellular connectivity until manual restart.

🟢 If Mitigated

Minimal impact with proper network filtering and updated firmware preventing malformed RRC messages from reaching vulnerable devices.

🌐 Internet-Facing: HIGH - Attackers can exploit remotely via cellular networks without authentication.
🏢 Internal Only: LOW - Requires cellular network access, not typical internal network vectors.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ⚠️ Yes
Complexity: MEDIUM

Requires ability to send malformed RRC messages over cellular network; no public exploit code available.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Firmware with patch ID MOLY01130204

Vendor Advisory: https://corp.mediatek.com/product-security-bulletin/December-2023

Restart Required: Yes

Instructions:

1. Contact device manufacturer for firmware update availability.
2. Apply firmware update containing patch MOLY01130204.
3. Reboot device after update.

🔧 Temporary Workarounds

  • Network filtering (applies to: all): Implement network-level filtering of malformed RRC messages at cellular infrastructure level
  • Airplane mode toggle (applies to: all): Temporarily disable cellular radio when not in use to reduce attack surface

🧯 If You Can't Patch

  • Isolate vulnerable devices from untrusted cellular networks when possible
  • Monitor for abnormal modem resets or connectivity disruptions as exploitation indicators

🔍 How to Verify

Check if Vulnerable:

Check device firmware version against manufacturer's patched version list; contact device vendor for specific vulnerability assessment.

Check Version:

Device-specific modem firmware check commands vary by manufacturer; consult device documentation.

Verify Fix Applied:

Confirm the firmware version includes patch ID MOLY01130204, then verify that the modem still handles legitimate RRC messages normally.

📡 Detection & Monitoring

Log Indicators:

  • Unexpected modem resets
  • RRC protocol errors
  • 5G connection failures

Network Indicators:

  • Malformed RRC messages in network traffic
  • Abnormal RRC message patterns

SIEM Query:

Search for modem crash events, RRC protocol violations, or cellular connectivity disruption logs
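
One way to turn the log indicators above into a concrete detection is sketched below. This is an added example, not code from MediaTek or from this advisory. It assumes device telemetry has already been normalized into a hypothetical schema of (timestamp, device_id, cell_id, event); the event names and the sample events are constructed.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Hypothetical normalized schema: (ISO timestamp, device_id, cell_id, event).
# Event names mirror the page's log indicators; the values are constructed.
SAMPLE_EVENTS = [
    ("2024-01-10T09:00:00", "dev-a", "cell-17", "rrc_error"),
    ("2024-01-10T09:00:04", "dev-a", "cell-17", "modem_reset"),
    ("2024-01-10T09:02:10", "dev-a", "cell-17", "rrc_error"),
    ("2024-01-10T09:02:12", "dev-a", "cell-17", "modem_reset"),
    ("2024-01-10T09:03:30", "dev-b", "cell-17", "modem_reset"),
    ("2024-01-10T09:04:00", "dev-a", "cell-17", "rrc_error"),
    ("2024-01-10T09:04:05", "dev-a", "cell-17", "modem_reset"),
    ("2024-01-10T11:30:00", "dev-c", "cell-42", "5g_conn_fail"),
    ("2024-01-10T14:00:00", "dev-c", "cell-42", "modem_reset"),
]

def detect_reset_bursts(events, window=timedelta(minutes=10),
                        threshold=3, lookback=timedelta(seconds=30)):
    """Alert when a device logs `threshold` modem resets inside `window`.

    Each alert also counts how many of those resets followed an RRC error
    within `lookback`, which separates radio-triggered crashes from
    unrelated reboots.
    """
    resets = defaultdict(deque)   # device -> recent (time, after_rrc_error)
    last_rrc_error = {}           # device -> time of its latest RRC error
    alerts = []
    for ts, device, cell, event in sorted(events):
        now = datetime.fromisoformat(ts)
        if event == "rrc_error":
            last_rrc_error[device] = now
        elif event == "modem_reset":
            prior = last_rrc_error.get(device)
            linked = prior is not None and now - prior <= lookback
            recent = resets[device]
            recent.append((now, linked))
            while now - recent[0][0] > window:   # expire resets outside the window
                recent.popleft()
            if len(recent) >= threshold:
                alerts.append({"device": device, "cell": cell, "at": ts,
                               "resets": len(recent),
                               "after_rrc_error": sum(hit for _, hit in recent)})
                recent.clear()                   # one alert per burst
    return alerts

if __name__ == "__main__":
    for alert in detect_reset_bursts(SAMPLE_EVENTS):
        print(alert)
```

The cell identifier is carried into each alert so an analyst can check whether other devices attached to the same cell reset around the same time.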
