CVE-2025-20755: CWE-476 NULL Pointer Dereference in MediaTek, Inc. MT2735, MT6833, MT6833P, MT6853, MT6853T, MT6855, MT6855T, MT6873, MT6875, MT6875T, MT6877, MT6877T, MT6877TT, MT6880, MT6883, MT6885, MT6889, MT6890, MT6891, MT6893, MT8675, MT8771, MT8791, MT8791T, MT8797
In Modem, there is a possible application crash due to improper input validation. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY00628396; Issue ID: MSV-4775.
AI Analysis
Technical Summary
CVE-2025-20755 is a vulnerability classified under CWE-476 (NULL Pointer Dereference) affecting a broad range of MediaTek modem chipsets including MT2735, MT6833 series, MT6853 series, MT6873 series, MT6880 series, MT6890 series, MT8675, MT8771, MT8791 series, and MT8797. The flaw arises from improper input validation within the modem firmware (Modem NR15), which can cause the modem application to crash when it processes certain malformed inputs received from a base station. An attacker controlling a rogue base station can exploit this by sending crafted signals to a UE (user equipment) that connects to it, triggering the NULL pointer dereference and causing a denial of service condition. This results in loss of modem functionality, impacting device availability. The attack vector is network-based (AV:N), requires low privileges (PR:L) but no user interaction (UI:N), and has a high attack complexity (AC:H) due to the need to operate a rogue base station. The vulnerability does not impact confidentiality or integrity but affects availability (A:H). MediaTek has assigned patch ID MOLY00628396 to address this issue. No public exploits have been reported yet, but the vulnerability is significant given the widespread use of affected chipsets in mobile devices and IoT equipment. The vulnerability was published on December 2, 2025, and is rated medium severity with a CVSS v3.1 score of 5.3.
Potential Impact
For European organizations, this vulnerability can disrupt mobile communications by causing modem crashes and denial of service on devices using affected MediaTek chipsets. This can impact critical sectors relying on mobile connectivity such as telecommunications providers, emergency services, transportation, and industrial IoT deployments. The ability of an attacker to induce a DoS remotely without user interaction increases risk in environments where rogue base stations could be deployed, such as urban areas, transport hubs, or near sensitive facilities. Disruptions could lead to loss of service, operational delays, and potential safety risks. Although confidentiality and integrity are not directly affected, availability impacts could cascade into broader operational challenges. The medium severity rating suggests moderate urgency, but given the critical role of mobile connectivity, timely mitigation is essential to maintain service continuity.
Mitigation Recommendations
European organizations should prioritize updating affected devices with the MediaTek patch MOLY00628396 as soon as it becomes available from device manufacturers or vendors. Network operators should enhance detection and prevention mechanisms for rogue base stations, including deploying radio frequency monitoring tools and anomaly detection systems to identify unauthorized base stations. Device manufacturers and integrators should verify firmware versions and ensure secure update mechanisms are in place to facilitate rapid patch deployment. Organizations should also implement network segmentation and restrict sensitive communications to trusted networks where possible. User awareness campaigns can help identify unusual connectivity issues that may indicate exploitation attempts. Collaboration with telecom providers to share threat intelligence on rogue base stations and suspicious activity can further reduce risk. Finally, maintaining an inventory of devices using affected MediaTek chipsets will help prioritize remediation efforts.
Affected Countries
Germany, France, United Kingdom, Italy, Spain, Netherlands, Sweden, Poland, Belgium, Finland
Technical Details
- Data Version: 5.2
- Assigner Short Name: MediaTek
- Date Reserved: 2024-11-01T01:21:50.397Z
- Cvss Version: null
- State: PUBLISHED
Threat ID: 692e57aff2f793a7de7f5f05
Added to database: 12/2/2025, 3:06:23 AM
Last enriched: 12/9/2025, 4:39:43 AM
Last updated: 1/19/2026, 7:54:48 AM