CVE-2024-20150
📋 TL;DR
This vulnerability in MediaTek modem firmware allows remote attackers to cause a system crash (denial of service) without authentication or user interaction. The logic error in modem processing can be exploited remotely, affecting devices with vulnerable MediaTek chipsets. This impacts smartphones, IoT devices, and other products using affected MediaTek modem components.
💻 Affected Systems
- MediaTek modem chipsets
- Devices using MediaTek modems (smartphones, tablets, IoT devices)
📦 What is this software?
Lr12a by Mediatek
Lr13 by Mediatek
Nr15 by Mediatek
Nr16 by Mediatek
Nr17 by Mediatek
⚠️ Risk & Real-World Impact
Worst Case
Permanent device bricking requiring hardware replacement, complete loss of cellular connectivity, and potential cascading failures in critical infrastructure devices.
Likely Case
Temporary denial of service requiring device reboot, dropped calls, lost data connectivity, and service disruption until modem resets.
If Mitigated
Limited to temporary service interruption with automatic modem recovery mechanisms if implemented.
🎯 Exploit Status
No authentication or user interaction required; remote exploitation possible via cellular network or local network vectors.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Firmware with patch ID MOLY01412526
Vendor Advisory: https://corp.mediatek.com/product-security-bulletin/January-2025
Restart Required: Yes
Instructions:
1. Contact device manufacturer for firmware updates. 2. Apply MediaTek-provided modem firmware patch MOLY01412526. 3. Reboot device after patch installation. 4. Verify patch application through version checking.
🔧 Temporary Workarounds
Network Segmentation
allIsolate devices with vulnerable modems from untrusted networks
Disable Unnecessary Services
mobileTurn off cellular data when not needed to reduce attack surface
🧯 If You Can't Patch
- Implement strict network access controls to limit exposure to cellular networks
- Deploy in monitored environments with rapid incident response capabilities
🔍 How to Verify
Check if Vulnerable:
Check modem firmware version against MediaTek's affected version list in advisoryCheck Version:
Device-specific commands vary by manufacturer; typically in Settings > About Phone > Baseband VersionVerify Fix Applied:
Verify modem firmware version includes patch MOLY01412526📡 Detection & Monitoring
Log Indicators:
- Modem crash logs
- Unexpected modem resets
- Baseband processor failure events
Network Indicators:
- Sudden loss of cellular connectivity
- Abnormal modem signaling patterns
SIEM Query:
source="modem_logs" AND (event="crash" OR event="reset") AND severity=HIGH