Volerion logoVolerion
Volerion logoVolerion

MediaTek Modem Out-of-Bounds Read Vulnerability Leading to Remote Denial-of-Service

Vulnerability

A high-severity out-of-bounds read vulnerability has been identified in the Modem component of various MediaTek chipsets. This issue arises from a missing bounds check, which could be exploited to cause a remote denial-of-service condition. The vulnerability is particularly concerning as it can be triggered when a user equipment (UE) connects to a rogue base station controlled by an attacker. Notably, no additional execution privileges are required for exploitation, and user interaction is not needed.

Impact

Exploitation of this vulnerability can lead to a remote denial-of-service condition, causing the affected system to crash or become unresponsive.

Remediation

Device OEMs have been notified of this vulnerability and the corresponding security patches are available. For further information, OEMs can contact their MediaTek representative.

Added: Dec 2, 2025, 3:35 AM
Updated: Dec 2, 2025, 3:35 AM

Vulnerability Rating

Custom Algorithm
spread
7.8
impact
2.5
exploitability
4.7
remediation
7.7
relevance
1.2
threat
0.0
urgency
2.9
incentive
0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.