CVE-2025-20791: CWE-617 Reachable Assertion in MediaTek, Inc. MT2735, MT6833, MT6833P, MT6853, MT6853T, MT6855, MT6855T, MT6873, MT6875, MT6875T, MT6877, MT6877T, MT6877TT, MT6880, MT6883, MT6885, MT6889, MT6890, MT6891, MT6893, MT8675, MT8771, MT8791, MT8791T, MT8797
In Modem, there is a possible system crash due to incorrect error handling. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01661189; Issue ID: MSV-4298.
AI Analysis
Technical Summary
CVE-2025-20791 is a vulnerability identified in multiple MediaTek modem chipsets (including MT2735, MT6833 series, MT6853 series, MT6873 series, MT6880 series, MT6890 series, MT8675, MT8771, MT8791 series, and MT8797) running modem firmware version NR15. The root cause is a reachable assertion failure (CWE-617) triggered by improper error handling within the modem's software stack. When a user equipment (UE) connects to a rogue base station controlled by an attacker, the modem encounters an assertion that leads to a system crash, resulting in a denial of service condition. This crash disrupts the modem's operation, causing loss of network connectivity and service availability. Exploitation requires no user interaction and no elevated privileges, but the attacker must be able to establish a rogue base station within radio proximity to the target device. The CVSS v3.1 base score is 5.3 (medium severity), reflecting network attack vector, high attack complexity, low privileges required, no user interaction, and impact limited to availability (no confidentiality or integrity impact). No public exploits are known at this time, but the vulnerability poses a risk to mobile devices and networks using affected MediaTek chipsets. The vendor has assigned Patch ID MOLY01661189 and Issue ID MSV-4298 to address the issue. The vulnerability is significant because it can be weaponized to disrupt mobile communications, potentially affecting critical communications and services reliant on these modems.
Potential Impact
For European organizations, the primary impact of CVE-2025-20791 is the potential for remote denial of service on mobile devices and embedded systems using affected MediaTek modems. This can lead to temporary loss of cellular connectivity, impacting business operations, emergency communications, and IoT device functionality. Enterprises relying on mobile broadband for critical applications, remote workforce connectivity, or IoT deployments could experience service interruptions. Telecommunications providers and mobile network operators may face increased support costs and customer dissatisfaction due to service outages. The vulnerability could also be exploited in targeted attacks against high-value individuals or organizations by deploying rogue base stations in strategic locations. Although the vulnerability does not compromise data confidentiality or integrity, the availability impact can disrupt essential services, especially in sectors like finance, healthcare, and public safety that depend on reliable mobile communications.
Mitigation Recommendations
To mitigate CVE-2025-20791, affected organizations should:
1) Apply the official patches from MediaTek (Patch ID MOLY01661189) as soon as they become available and ensure all devices with affected chipsets are updated to the fixed modem firmware version.
2) Implement network monitoring solutions capable of detecting rogue base stations or suspicious radio signals in sensitive environments, using tools such as IMSI catcher detection or radio frequency anomaly detection systems.
3) Enforce strict mobile device management (MDM) policies to control device firmware updates and ensure compliance with security patches.
4) Educate users about the risks of connecting to unknown or untrusted cellular networks; although user interaction is not required for exploitation, awareness can help in recognizing suspicious connectivity issues.
5) Collaborate with mobile network operators to enhance detection and mitigation of rogue base stations within their infrastructure.
6) For critical IoT deployments, consider network segmentation and fallback communication methods to maintain availability during potential modem outages.
Affected Countries
Germany, France, United Kingdom, Italy, Spain, Netherlands, Poland, Sweden, Belgium, Finland
Technical Details
- Data Version: 5.2
- Assigner Short Name: MediaTek
- Date Reserved: 2024-11-01T01:21:50.402Z
- Cvss Version: null
- State: PUBLISHED
Threat ID: 692e57b3f2f793a7de7f6032
Added to database: 12/2/2025, 3:06:27 AM
Last enriched: 12/9/2025, 4:38:58 AM
Last updated: 1/18/2026, 11:34:59 PM