CVE-2025-20794 – This vulnerability in MediaTek modems allows im... (How to Fix)

Q: What is the severity of CVE-2025-20794?

CVE-2025-20794 has a CVSS score of 6.5 (MEDIUM). This vulnerability in MediaTek modems allows improper input validation to cause system crashes, leading to remote denial of service. Attackers can exploit this via rogue base stations without user interaction, affecting devices with vulnerable MediaTek modem chipsets.

📋 TL;DR

This vulnerability in MediaTek modems allows improper input validation to cause system crashes, leading to remote denial of service. Attackers can exploit this via rogue base stations without user interaction, affecting devices with vulnerable MediaTek modem chipsets.

💻 Affected Systems

Products:

MediaTek modem chipsets

Versions: Specific versions not publicly detailed in advisory

Operating Systems: Android and other OS using affected MediaTek modems

Default Config Vulnerable: ⚠️ Yes

Notes: Affects devices with vulnerable MediaTek modem firmware; exact device models not specified in advisory.

📦 What is this software?

⚠️ Risk & Real-World Impact

🔴

Worst Case

Complete device crash and denial of service requiring physical restart, potentially disrupting critical communications.

🟠

Likely Case

Temporary service disruption and device instability requiring reboot.

🟢

If Mitigated

Minimal impact with proper network security controls and updated firmware.

🌐 Internet-Facing: HIGH - Exploitable via rogue base stations which can be deployed in public areas.

🏢 Internal Only: LOW - Requires proximity to rogue base station, not typical internal network attack vector.

🎯 Exploit Status

Public PoC: ✅ No

Weaponized: UNKNOWN

Unauthenticated Exploit: ⚠️ Yes

Complexity: MEDIUM

Requires attacker to control rogue base station in proximity to target device.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Patches identified as MOLY01689259 / MOLY01586470

Vendor Advisory: https://corp.mediatek.com/product-security-bulletin/January-2026

Restart Required: Yes

Instructions:

1. Check with device manufacturer for firmware updates. 2. Apply MediaTek modem firmware patches MOLY01689259 or MOLY01586470. 3. Reboot device after update.

🔧 Temporary Workarounds

Disable automatic network switching

all

Prevent device from connecting to unknown base stations

Settings vary by device - typically in Mobile Network settings

Use trusted networks only

all

Manually select known carrier networks

Network selection settings on device

🧯 If You Can't Patch

Monitor for unusual base station connections in network logs
Implement physical security controls to prevent rogue base station deployment in sensitive areas

🔍 How to Verify

Check if Vulnerable:

Check modem firmware version against MediaTek advisory; contact device manufacturer for specific vulnerability status.

Check Version:

Device-specific; typically in Settings > About Phone > Baseband Version

Verify Fix Applied:

Verify modem firmware has been updated to version containing patches MOLY01689259 or MOLY01586470.

📡 Detection & Monitoring

Log Indicators:

Unexpected modem resets
Base station connection errors
System crash logs

Network Indicators:

Connections to unknown base station IDs
Unusual signal strength patterns

SIEM Query:

Search for modem crash events or base station connection anomalies in device logs

📊 Metadata

CVE ID: CVE-2025-20794

CVSS v3 Score: 6.5 (MEDIUM)

CVSS Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE: CWE-121

EPSS Score: 0.3% exploit probability (53.2th percentile)

Published: January 6, 2026

Last Updated: February 17, 2026

🔗 References

https://corp.mediatek.com/product-security-bulletin/January-2026 Vendor Advisory

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2025-20794, you might also want to check these: