CVE-2025-20751 is a medium-severity vulnerability classified as an out-of-bounds write (CWE-787) in the modem firmware of various MediaTek chipsets, including MT2735, MT6833, MT6853, MT6877, MT6889, MT6890, MT8675, MT8771, MT8791, and others. The root cause is a missing bounds check in the modem's NR15 firmware version, which allows an attacker who controls a rogue base station to send specially crafted signals that trigger an out-of-bounds write in the modem's memory. This memory corruption leads to a system crash, resulting in a denial of service condition on the affected device. The attack vector is remote over the air interface (AV:A), requiring no privileges (PR:N) or user interaction (UI:N). The vulnerability does not compromise confidentiality or integrity but impacts availability (A:H). The CVSS 3.1 vector is AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H with a score of 6.5. The vulnerability affects a broad range of MediaTek modem chipsets widely used in mobile phones, IoT devices, and embedded systems. Although no exploits are currently known in the wild, the potential for disruption exists if attackers deploy rogue base stations targeting vulnerable devices. MediaTek has assigned patch ID MOLY01661195 to address this issue. The vulnerability highlights the risks posed by malicious base stations and the importance of robust input validation in modem firmware.

For European organizations, the primary impact of CVE-2025-20751 is the potential for remote denial of service on devices using affected MediaTek modem chipsets. This can disrupt mobile communications, IoT operations, and critical infrastructure relying on cellular connectivity. Telecommunications providers, enterprises deploying IoT sensors, and industries dependent on mobile networks could experience service outages or degraded performance. The lack of confidentiality or integrity impact limits data breach risks, but availability disruptions can affect business continuity, emergency services, and operational technology systems. Rogue base stations could be deployed by malicious actors or nation-state adversaries to target specific organizations or regions. The widespread use of MediaTek chipsets in consumer and industrial devices across Europe increases the attack surface. Organizations may face reputational damage, regulatory scrutiny, and financial losses if service disruptions occur. The vulnerability also underscores the need for secure network infrastructure and monitoring to detect rogue base stations.

1. Apply the official MediaTek patch MOLY01661195 promptly to all affected devices and firmware versions, prioritizing critical infrastructure and high-risk deployments. 2. Implement network-level detection and mitigation of rogue base stations using radio frequency monitoring tools and anomaly detection systems. 3. Employ device-level security controls such as modem firmware integrity verification and secure boot mechanisms to prevent unauthorized firmware modifications. 4. Collaborate with mobile network operators to enhance base station authentication and prevent unauthorized access to cellular networks. 5. For IoT deployments, segment networks and apply strict access controls to limit the impact of device outages. 6. Maintain an inventory of devices using affected MediaTek chipsets to prioritize patch management and incident response. 7. Educate security teams on the risks of rogue base stations and establish incident response plans for denial of service events. 8. Monitor vendor advisories and threat intelligence feeds for updates on exploit developments or additional patches.