CVE-2025-20750 is a vulnerability classified as CWE-476 (NULL Pointer Dereference) found in the modem firmware of multiple MediaTek chipsets including MT2735, MT6833, MT6853, MT6873, MT6880, MT8675, MT8771, MT8791, and others. The issue stems from improper input validation within the modem's NR15 component, which can be triggered remotely without any user interaction or elevated privileges. An attacker who controls a rogue base station can send specially crafted signals or messages to a user equipment (UE) device containing these chipsets, causing the modem to dereference a NULL pointer and crash. This leads to a denial of service condition, disrupting the device's ability to maintain cellular connectivity. The vulnerability affects a broad range of MediaTek modems used in smartphones, IoT devices, and other cellular-enabled equipment. Although no exploits have been reported in the wild, the flaw's nature allows remote exploitation purely through network interaction, increasing its risk profile. The vendor has acknowledged the issue and assigned Patch ID MOLY01661199 and Issue ID MSV-4296, but no public patch links are currently available. The vulnerability's impact is primarily on availability, but it could indirectly affect confidentiality and integrity if communications are interrupted or devices reboot unexpectedly. The lack of a CVSS score necessitates an independent severity assessment based on the vulnerability characteristics.

For European organizations, the primary impact of CVE-2025-20750 is the potential for widespread denial of service affecting devices using vulnerable MediaTek modems. This can disrupt mobile communications critical for business operations, emergency services, and industrial IoT deployments. Telecommunications providers may experience increased customer complaints and operational challenges if rogue base stations are deployed by malicious actors or competitors. Enterprises relying on cellular connectivity for remote monitoring, logistics, or critical infrastructure could face outages or degraded service quality. The vulnerability could also be leveraged in targeted attacks against high-value organizations or government entities by causing network disruptions. Given the remote and unauthenticated nature of the exploit, attackers can cause service interruptions without physical access or user involvement, increasing the threat surface. The impact extends to consumer devices as well, potentially affecting millions of users and causing reputational damage to service providers and device manufacturers operating in Europe.

European organizations should proactively monitor for firmware updates from MediaTek and device manufacturers incorporating these chipsets, prioritizing the deployment of patches addressing CVE-2025-20750 once available. Network operators should enhance detection capabilities for rogue base stations using radio frequency monitoring tools and anomaly detection systems to identify unauthorized cellular infrastructure. Implementing network access control measures and validating base station authenticity can reduce exposure. Organizations should also consider deploying endpoint security solutions capable of detecting modem crashes or abnormal device behavior indicative of exploitation attempts. For critical infrastructure and enterprise environments, establishing fallback communication channels and incident response plans for cellular outages is advisable. Collaboration with telecom providers to share threat intelligence related to rogue base stations can improve overall resilience. Finally, educating users and administrators about the risks of connecting to untrusted cellular networks can help mitigate exploitation opportunities.