Volerion logoVolerion
Volerion logoVolerion

MediaTek Modem Null Pointer Dereference Vulnerability Leading to Remote Denial-of-Service

Vulnerability

A null pointer dereference vulnerability has been identified in the MediaTek Modem, affecting several chipsets. This vulnerability arises from improper input validation, which can lead to a system crash. The issue can be exploited remotely, particularly when a user equipment (UE) is connected to a rogue base station controlled by an attacker. Notably, no additional execution privileges are required for exploitation, and user interaction is not needed.

Impact

Exploitation of this vulnerability can cause a system crash, leading to a denial-of-service condition.

Remediation

MediaTek has issued a patch for this vulnerability, which can be applied by device manufacturers. For more information, refer to the MediaTek Product Security Bulletin.

Added: Dec 2, 2025, 3:47 AM
Updated: Dec 2, 2025, 3:47 AM

Vulnerability Rating

Custom Algorithm
spread
7.8
impact
2.5
exploitability
4.7
remediation
0.0
relevance
1.3
threat
0.0
urgency
2.9
incentive
0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.