
CVE-2025-20755: CWE-476 NULL Pointer Dereference in MediaTek, Inc. MT2735, MT6833, MT6833P, MT6853, MT6853T, MT6855, MT6855T, MT6873, MT6875, MT6875T, MT6877, MT6877T, MT6877TT, MT6880, MT6883, MT6885, MT6889, MT6890, MT6891, MT6893, MT8675, MT8771, MT8791, MT8791T, MT8797

0
Medium
Vulnerability, CVE-2025-20755, cve, cve-2025-20755, cwe-476
Published: Tue Dec 02 2025 (12/02/2025, 02:34:07 UTC)
Source: CVE Database V5
Vendor/Project: MediaTek, Inc.
Product: MT2735, MT6833, MT6833P, MT6853, MT6853T, MT6855, MT6855T, MT6873, MT6875, MT6875T, MT6877, MT6877T, MT6877TT, MT6880, MT6883, MT6885, MT6889, MT6890, MT6891, MT6893, MT8675, MT8771, MT8791, MT8791T, MT8797

Description

In Modem, there is a possible application crash due to improper input validation. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY00628396; Issue ID: MSV-4775.

AI-Powered Analysis

Last updated: 12/02/2025, 03:27:25 UTC

Technical Analysis

CVE-2025-20755 is a security vulnerability classified as CWE-476 (NULL Pointer Dereference) affecting a broad range of MediaTek modem chipsets, including MT2735, MT6833, MT6853, MT6873, MT6875, MT6877, MT6880, MT6883, MT6885, MT6889, MT6890, MT6891, MT6893, MT8675, MT8771, MT8791, MT8797, and their variants. The vulnerability resides in the modem firmware, specifically in the NR15 modem version, where improper input validation can cause the modem application to dereference a NULL pointer, leading to a crash. This crash results in a remote denial of service condition on the affected device. The attack vector requires the victim device (User Equipment) to connect to a rogue base station controlled by an attacker, which can send malformed inputs triggering the vulnerability. No additional execution privileges or user interaction are needed, making exploitation feasible in scenarios where an attacker can simulate or control a base station environment. The vulnerability was reserved in November 2024 and published in December 2025, with no CVSS score assigned yet. No known exploits are currently reported in the wild. The vendor has released a patch identified as MOLY00628396 to address the issue. This vulnerability impacts the availability of devices using these MediaTek modems, potentially disrupting mobile communications and services relying on them.

Potential Impact

For European organizations, the primary impact of CVE-2025-20755 is the potential for remote denial of service on devices equipped with affected MediaTek modems. This can disrupt mobile communications, affecting both enterprise mobile endpoints and telecom infrastructure that utilize these chipsets. Critical sectors such as telecommunications providers, emergency services, and enterprises relying on mobile connectivity could experience service interruptions. The requirement for a rogue base station means the threat is more likely in targeted attack scenarios or areas with sophisticated attackers capable of deploying such infrastructure. The widespread use of MediaTek chipsets in consumer and industrial devices across Europe increases the attack surface. Disruptions could lead to operational downtime, loss of connectivity, and potential cascading effects on business continuity and safety-critical communications.

Mitigation Recommendations

To mitigate CVE-2025-20755, European organizations should prioritize the following actions:

1) Deploy the official patch MOLY00628396 from MediaTek as soon as possible to affected devices and firmware versions.
2) Implement network monitoring to detect and block rogue base stations or suspicious radio access points, leveraging anomaly detection and telecom security solutions.
3) Enforce strict device management policies to ensure only updated and verified devices connect to corporate networks.
4) Collaborate with mobile network operators to enhance detection and mitigation of unauthorized base stations.
5) Educate security teams about the risk of rogue base stations and the importance of physical and radio environment security.
6) For critical infrastructure, consider deploying redundant communication paths and failover mechanisms to reduce impact from potential DoS conditions.
7) Maintain an inventory of devices using affected MediaTek modems to assess exposure and prioritize remediation.


Technical Details

Data Version: 5.2
Assigner Short Name: MediaTek
Date Reserved: 2024-11-01T01:21:50.397Z
Cvss Version: null
State: PUBLISHED

Threat ID: 692e57aff2f793a7de7f5f05

Added to database: 12/2/2025, 3:06:23 AM

Last enriched: 12/2/2025, 3:27:25 AM

Last updated: 12/4/2025, 8:29:35 AM
