CVE-2025-20666
📋 TL;DR
This vulnerability in MediaTek modems allows remote denial of service through system crashes when devices connect to rogue base stations. Attackers can trigger uncaught exceptions without user interaction or special privileges. All devices using affected MediaTek modem chipsets are potentially vulnerable.
💻 Affected Systems
- MediaTek modem chipsets
📦 What is this software?
NR15 by MediaTek
⚠️ Risk & Real-World Impact
Worst Case
Permanent device bricking requiring hardware replacement, complete loss of cellular connectivity, and potential cascading failures in cellular networks.
Likely Case
Temporary device crashes requiring reboots, intermittent loss of cellular service, and degraded network performance in affected areas.
If Mitigated
Isolated device crashes with automatic recovery, minimal service disruption when proper network segmentation and monitoring are in place.
🎯 Exploit Status
Requires attacker to operate rogue base station (IMSI catcher/stingray) in proximity to target devices. No authentication or user interaction needed.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Patch ID: MOLY00650610
Vendor Advisory: https://corp.mediatek.com/product-security-bulletin/May-2025
Restart Required: Yes
Instructions:
1. Contact device manufacturer for firmware updates.
2. Apply MediaTek modem firmware patch MOLY00650610.
3. Reboot device after patch installation.
4. Verify patch application through modem firmware version check.
🔧 Temporary Workarounds
Disable automatic network selection
Android: Prevent devices from automatically connecting to unknown base stations
Use Wi-Fi calling when available
All platforms: Reduce dependency on vulnerable cellular modem connections
🧯 If You Can't Patch
- Deploy cellular network monitoring to detect rogue base stations
- Implement device location tracking to identify affected areas and restrict device usage
🔍 How to Verify
Check if Vulnerable:
Check modem firmware version against MediaTek security bulletin. Contact device manufacturer for vulnerability assessment.
Check Version:
Device-specific commands vary by manufacturer. Typically: Settings > About Phone > Baseband Version
Verify Fix Applied:
Verify modem firmware includes patch MOLY00650610. Test device connectivity in controlled environment with base station simulation.
📡 Detection & Monitoring
Log Indicators:
- Modem crash logs
- Unexpected base station handoffs
- Repeated modem resets
Network Indicators:
- Unusual base station IDs in network traces
- Multiple devices experiencing simultaneous connectivity issues in same geographic area
SIEM Query:
source="modem_logs" AND (event="crash" OR event="exception") AND process="modem"
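
The SIEM query above matches single crash events. The added example below, which is not part of the advisory or any MediaTek tooling, correlates those events into two of the listed indicators: repeated modem resets on one device, and several devices failing in the same area at about the same time. It assumes JSON-lines logs; the `ts`, `device_id` and `area` fields, the sample records and the thresholds are constructed for illustration.

```python
import json
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample events; "ts", "device_id", "area" are hypothetical fields.
SAMPLE_LOGS = """
{"ts":"2025-05-10T09:00:05","device_id":"dev-a","area":"site-1","process":"modem","event":"crash"}
{"ts":"2025-05-10T09:01:10","device_id":"dev-b","area":"site-1","process":"modem","event":"exception"}
{"ts":"2025-05-10T09:02:00","device_id":"dev-f","area":"site-1","process":"wifi","event":"crash"}
{"ts":"2025-05-10T09:03:30","device_id":"dev-c","area":"site-1","process":"modem","event":"crash"}
{"ts":"2025-05-10T09:02:00","device_id":"dev-d","area":"site-2","process":"modem","event":"crash"}
{"ts":"2025-05-10T09:04:00","device_id":"dev-d","area":"site-2","process":"modem","event":"crash"}
{"ts":"2025-05-10T09:08:00","device_id":"dev-d","area":"site-2","process":"modem","event":"crash"}
truncated line, not JSON
"""

def parse(text):
    """Return (ts, device, area) for modem crash/exception events only."""
    events = []
    for line in text.splitlines():
        try:
            rec = json.loads(line)
            ev = (datetime.fromisoformat(rec["ts"]), rec["device_id"], rec["area"])
        except (ValueError, KeyError, TypeError):
            continue  # blank, malformed or incomplete record
        if rec.get("process") == "modem" and rec.get("event") in ("crash", "exception"):
            events.append(ev)
    return events

def repeated_resets(events, threshold=3, window=timedelta(minutes=10)):
    """Devices with at least `threshold` modem events inside one window."""
    per_device = defaultdict(list)
    for ts, device, _ in sorted(events):
        per_device[device].append(ts)
    return {d for d, t in per_device.items()
            if any(t[i + threshold - 1] - t[i] <= window
                   for i in range(len(t) - threshold + 1))}

def area_clusters(events, min_devices=3, window=timedelta(minutes=5)):
    """Areas where `min_devices` distinct devices fail within one window."""
    per_area = defaultdict(list)
    for ts, device, area in sorted(events):
        per_area[area].append((ts, device))
    flagged = {}
    for area, items in per_area.items():
        for ts, _ in items:
            devices = {d for t, d in items if ts <= t <= ts + window}
            if len(devices) >= min_devices:
                flagged.setdefault(area, sorted(devices))
    return flagged
```

Pass the result of `parse(SAMPLE_LOGS)` to both functions; the window and threshold defaults are starting values to tune against the fleet's normal modem crash rate.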