Volerion logoVolerion
Volerion logoVolerion

MediaTek Modem Out-of-Bounds Write Vulnerability Allowing Remote Privilege Escalation

Vulnerability

A high-severity out-of-bounds write vulnerability has been identified in the Modem component of various MediaTek chipsets. This issue arises from an incorrect bounds check, which could allow remote privilege escalation. The vulnerability can be exploited if a user equipment (UE) connects to a rogue base station controlled by an attacker. Notably, no additional execution privileges are required for exploitation, and user interaction is not needed.

Impact

Exploitation of this vulnerability could lead to unauthorized privilege escalation on the affected device.

Remediation

MediaTek has issued a patch for this vulnerability, which can be applied by device manufacturers. Instructions for applying the patch are available through MediaTek's official channels.

Added: Sep 1, 2025, 6:23 AM
Updated: Sep 1, 2025, 6:23 AM

Vulnerability Rating

Custom Algorithm
spread
8.4
impact
7.5
exploitability
4.7
remediation
0.0
relevance
0.4
threat
0.0
urgency
2.9
incentive
0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.