CVE-2025-20761 is a vulnerability identified in multiple MediaTek modem chipsets, including models MT2735 through MT8893, affecting modem versions NR15, NR16, and NR17. The root cause is an improper check for unusual or exceptional conditions (CWE-754) within the modem's error handling logic. Specifically, when a user equipment (UE) device connects to a rogue base station controlled by an attacker, the modem may encounter an unhandled error condition leading to a system crash. This crash results in a denial of service (DoS) condition, disrupting the device's connectivity and potentially requiring a reboot or manual intervention to restore service. The vulnerability does not require any privileges or user interaction to exploit, making it accessible remotely by an attacker capable of setting up a rogue base station. The CVSS v3.1 base score is 6.5 (medium severity), with attack vector as adjacent network, low attack complexity, no privileges required, no user interaction, and impact limited to availability (no confidentiality or integrity impact). The vulnerability affects a broad range of MediaTek modem chipsets widely used in mobile devices globally. No public exploits have been reported yet, but the potential for disruption in mobile communications is significant. The vendor has assigned patch ID MOLY01311265 and issue ID MSV-4655, indicating a fix is available or forthcoming. This vulnerability highlights the risks posed by rogue base stations in mobile networks and the importance of robust error handling in modem firmware.

For European organizations, the primary impact of CVE-2025-20761 is the potential disruption of mobile communications due to remote denial of service on devices using affected MediaTek modems. This can affect mobile phones, IoT devices, and other cellular-connected equipment, leading to loss of connectivity and service availability. Critical sectors such as telecommunications providers, emergency services, transportation, and industrial control systems relying on cellular connectivity could experience operational interruptions. The lack of confidentiality or integrity impact means data breaches are unlikely, but service outages could degrade business continuity and safety-critical operations. The ease of exploitation without user interaction increases the risk, especially in urban or high-density areas where rogue base stations could be deployed covertly. European mobile network operators and enterprises using devices with these chipsets must be vigilant to prevent service degradation and potential cascading effects on dependent systems.

1. Apply the official patches from MediaTek (Patch ID MOLY01311265) as soon as they become available to ensure the modem firmware correctly handles exceptional conditions. 2. Mobile network operators should enhance detection and mitigation of rogue base stations through network monitoring, anomaly detection, and signal validation techniques. 3. Enterprises should inventory devices using affected MediaTek modems and prioritize firmware updates or device replacements where patches are unavailable. 4. Implement network-level protections such as secure authentication protocols (e.g., 5G authentication) to reduce the risk of rogue base station connections. 5. Educate users and administrators about the risks of connecting to untrusted cellular networks and encourage the use of VPNs or other secure communication channels. 6. Collaborate with telecom regulators and industry groups to share threat intelligence and coordinate responses to rogue base station threats. 7. For critical infrastructure, consider redundant communication paths or failover mechanisms to maintain availability during potential DoS events.