CVE-2025-20666 is a reachable assertion vulnerability (CWE-617) found in the modem firmware of multiple MediaTek chipsets, including MT2735, MT6833 series, MT6853 series, MT6873 series, MT6880 series, MT6890 series, MT8666 series, MT8673 series, MT8771, MT8791 series, and others. The flaw arises from an uncaught exception in the modem's handling of network communications, which can be triggered remotely when a user equipment (UE) device connects to a maliciously controlled rogue base station. This causes the modem to crash, resulting in a denial of service condition without requiring any user interaction or elevated privileges. The vulnerability affects modem firmware version NR15 and impacts the availability of the device’s cellular connectivity. The CVSS v3.1 base score is 6.5, with an attack vector of adjacent network (AV:A), low attack complexity (AC:L), no privileges required (PR:N), no user interaction (UI:N), unchanged scope (S:U), and impact limited to availability (A:H). No confidentiality or integrity impacts are noted. Although no exploits are currently known in the wild, the vulnerability poses a risk to mobile devices relying on these MediaTek chipsets, particularly in environments where rogue base stations could be deployed. MediaTek has assigned patch ID MOLY00650610 to address this issue. The vulnerability was reserved in November 2024 and published in May 2025, indicating a recent disclosure and patch availability.

For European organizations, the primary impact of CVE-2025-20666 is the potential for remote denial of service on mobile devices using affected MediaTek chipsets. This can disrupt cellular connectivity, impacting business communications, mobile workforce operations, and IoT devices relying on cellular networks. Critical sectors such as telecommunications, emergency services, transportation, and finance could experience service interruptions if devices connect to rogue base stations, which could be deployed by malicious actors or in hostile environments. Although the vulnerability does not compromise data confidentiality or integrity, the loss of availability can degrade operational continuity and user productivity. The risk is heightened in regions with dense mobile device usage and where MediaTek chipsets have significant market penetration. Additionally, the ease of exploitation without user interaction or privileges increases the threat surface. However, the lack of known exploits in the wild and the medium CVSS score suggest a moderate but actionable risk level. Organizations should assess their device inventories to identify impacted hardware and prioritize firmware updates to mitigate potential disruptions.

1. Immediate deployment of the MediaTek patch MOLY00650610 on all affected devices and modems running firmware NR15 to remediate the vulnerability. 2. Coordinate with device manufacturers and mobile network operators to ensure timely firmware updates are distributed and installed. 3. Implement network monitoring to detect anomalous base station behavior indicative of rogue or fake base stations, using IMSI catchers detection tools or cellular network anomaly detection systems. 4. Educate mobile users and IT staff about the risks of connecting to untrusted cellular networks, especially in high-risk or public environments. 5. Employ mobile device management (MDM) solutions to enforce firmware update policies and monitor device health status. 6. For critical infrastructure and sensitive operations, consider fallback communication methods or multi-network redundancy to maintain connectivity if cellular service is disrupted. 7. Collaborate with telecom providers to enhance base station authentication and integrity verification mechanisms to reduce rogue base station risks. 8. Regularly review and audit device inventories to identify and isolate devices with vulnerable chipsets until patched. These steps go beyond generic advice by focusing on coordinated patch management, network-level detection, and operational continuity planning.