CVE-2025-20762
📋 TL;DR
This vulnerability in MediaTek modems allows remote denial of service through system crashes when devices connect to rogue base stations. Attackers can trigger crashes without user interaction or special privileges. Affects devices using vulnerable MediaTek modem chipsets.
💻 Affected Systems
- MediaTek modem chipsets
📦 What is this software?
Nr17 by Mediatek
⚠️ Risk & Real-World Impact
Worst Case
Permanent device bricking requiring hardware replacement, complete loss of cellular connectivity, and potential cascading network failures affecting multiple devices.
Likely Case
Temporary service disruption requiring device reboot, dropped calls and data sessions, and degraded network performance in affected areas.
If Mitigated
Brief service interruption with automatic recovery, minimal user impact in areas with legitimate base station coverage.
🎯 Exploit Status
Exploitation requires specialized equipment to deploy rogue base station but no authentication or user interaction. Attackers need RF equipment and knowledge of cellular protocols.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Patch ID: MOLY01685181
Vendor Advisory: https://corp.mediatek.com/product-security-bulletin/January-2026
Restart Required: Yes
Instructions:
1. Contact device manufacturer for firmware updates. 2. Apply MediaTek modem firmware patch MOLY01685181. 3. Reboot device after patch installation. 4. Verify patch through modem firmware version check.
🔧 Temporary Workarounds
Disable automatic network selection
androidPrevent devices from automatically connecting to unknown base stations
Settings > Network & Internet > Mobile network > Network operators > Choose manually
Use Wi-Fi calling when available
androidReduce dependency on cellular networks in high-risk areas
Settings > Network & Internet > Wi-Fi Calling > Enable
🧯 If You Can't Patch
- Deploy cellular network monitoring to detect rogue base stations
- Implement geofencing policies to restrict device connectivity in sensitive areas
🔍 How to Verify
Check if Vulnerable:
Check modem firmware version via engineering mode or contact device manufacturer with IMEI/serial numberCheck Version:
Dial *#*#3646633#*#* on Android devices to access engineering mode and check modem version (varies by manufacturer)Verify Fix Applied:
Verify modem firmware has been updated to version containing patch MOLY01685181📡 Detection & Monitoring
Log Indicators:
- Unexpected modem resets
- Base station ID changes without location movement
- Multiple devices experiencing simultaneous connectivity loss
Network Indicators:
- Unusual base station identifiers in cellular logs
- Devices connecting to base stations with abnormal signal characteristics
- Clusters of devices reporting service disruptions
SIEM Query:
source="cellular_logs" AND (event_type="modem_crash" OR base_station_change_frequency>5) | stats count by device_id