MediaTek Modem Improper Input Validation Leading to Remote Denial-of-Service Vulnerability

Vulnerability

A denial-of-service vulnerability has been identified in the MediaTek Modem component of several chipsets. This issue arises from improper input validation, which can cause an application crash. The vulnerability can be exploited remotely if a user equipment (UE) is connected to a rogue base station controlled by an attacker. Notably, no additional execution privileges are required for exploitation, and user interaction is not needed.

Impact

Exploitation of this vulnerability can lead to a remote denial-of-service condition, causing the application to crash.

Remediation

MediaTek has issued a patch for this vulnerability, which can be applied by device manufacturers. Instructions for applying the patch are available through MediaTek's official channels.

Added: Dec 2, 2025, 3:40 AM
Updated: Dec 2, 2025, 3:40 AM

Vulnerability Rating

Custom Algorithm
spread: 7.8
impact: 2.5
exploitability: 4.7
remediation: 7.7
relevance: 1.2
threat: 0.0
urgency: 2.9
incentive: 0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.