Volerion logoVolerion
Volerion logoVolerion

MediaTek Modem Improper Certificate Validation Vulnerability Allowing Information Disclosure

Vulnerability

A permission bypass vulnerability has been identified in the MediaTek Modem due to improper certificate validation. This issue could lead to remote information disclosure if a user equipment (UE) connects to a rogue base station controlled by an attacker. The vulnerability requires user execution privileges and user interaction for exploitation.

Impact

Exploitation of this vulnerability could result in unauthorized remote information disclosure.

Remediation

MediaTek has issued a patch for this vulnerability, which can be applied by device manufacturers. Instructions for applying the patch are available through MediaTek's official channels.

Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm
spread
7.8
impact
5.0
exploitability
4.0
remediation
0.0
relevance
0.0
threat
0.0
urgency
2.9
incentive
0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.