CVE-2025-20752 is a vulnerability identified in multiple MediaTek modem chipsets (including MT2735, MT2737, MT6813, MT6833 series, MT6853 series, MT6873 series, MT6880 series, MT6890 series, MT6980 series, MT6990 series, MT8676, and MT8791T) that stems from a missing bounds check in the modem firmware. This missing check leads to a reachable assertion failure (CWE-617), which can cause the modem system to crash unexpectedly. The flaw can be triggered remotely by an attacker who operates a rogue base station that a user equipment (UE) connects to. Exploitation does not require any user interaction or elevated privileges, making it a straightforward denial of service vector. The affected modem versions include NR15, NR16, NR17, and NR17R. The vulnerability impacts the availability of the device by causing a system crash, but it does not affect confidentiality or integrity. The CVSS v3.1 base score is 6.5, with attack vector being adjacent network (AV:A), low attack complexity (AC:L), no privileges required (PR:N), no user interaction (UI:N), unchanged scope (S:U), no confidentiality or integrity impact (C:N, I:N), and high availability impact (A:H). No public exploits have been reported yet, and MediaTek has assigned patch ID MOLY01270690 to address the issue. The vulnerability is particularly relevant for mobile devices and embedded systems using these chipsets, which are widely deployed globally, including in Europe.

For European organizations, the primary impact of CVE-2025-20752 is the potential for remote denial of service on devices using affected MediaTek modems. This can disrupt mobile communications, impacting both consumer mobile devices and enterprise equipment relying on cellular connectivity. Telecom operators and critical infrastructure entities using devices with these chipsets may experience service interruptions, affecting operational continuity. The lack of confidentiality or integrity impact limits the risk of data breaches, but availability disruptions can lead to loss of productivity, customer dissatisfaction, and potential safety risks in critical systems. The vulnerability’s exploitation does not require user interaction or privileges, increasing the risk of widespread impact if rogue base stations are deployed in targeted areas. European countries with high mobile device usage and advanced telecom infrastructure could see more pronounced effects, especially where MediaTek chipsets have significant market share.

1. Apply the official patches from MediaTek (Patch ID: MOLY01270690) as soon as they become available to affected devices and firmware versions. 2. Telecom operators should monitor and detect rogue base stations within their networks using radio frequency monitoring tools and anomaly detection systems to prevent UE from connecting to malicious infrastructure. 3. Device manufacturers should update firmware and distribute security updates promptly to end-users. 4. Enterprises should implement network segmentation and restrict critical systems’ exposure to cellular networks where possible. 5. Employ endpoint detection and response (EDR) solutions capable of identifying modem crashes or abnormal behavior indicative of exploitation attempts. 6. Encourage users to avoid connecting to unknown or suspicious cellular networks, especially in sensitive environments. 7. Collaborate with telecom regulators to enforce stricter controls on base station certification and deployment to reduce rogue station risks.