Volerion logoVolerion
Volerion logoVolerion

MediaTek Modem Null Pointer Dereference Vulnerability Leading to Remote Denial-of-Service

Vulnerability

A null pointer dereference vulnerability has been identified in the MediaTek Modem, specifically in chipsets MT2735, MT2737, MT6813, MT6815, MT6833, MT6835, MT6853, MT6855, MT6873, MT6875, MT6877, MT6878, MT6879, MT6880, MT6883, MT6885, MT6886, MT6889, MT6890, MT6891, MT6893, MT6895, MT6896, MT6897, MT6899, MT6980, MT6983, MT6985, MT6986, MT6989, MT6990, MT6991, MT6993, MT8186, MT8188, MT8196, MT8367, MT8391, MT8676, MT8678, MT8755, MT8771, MT8791, MT8791T, MT8792, MT8793, MT8795T, MT8796, MT8798, MT8863, MT8873, MT8883, MT8893. This vulnerability can lead to a system crash due to improper error handling, creating a potential remote denial-of-service scenario. Exploitation could occur if a user equipment (UE) connects to a rogue base station controlled by an attacker, without requiring any additional execution privileges or user interaction.

Impact

Exploitation of this vulnerability can cause a system crash, leading to a denial-of-service condition on the affected device.

Remediation

MediaTek has released a patch for this vulnerability, which can be applied by device manufacturers. The patch ID is MOLY01430930.

Added: Jan 6, 2026, 2:37 AM
Updated: Jan 6, 2026, 2:37 AM

Vulnerability Rating

Custom Algorithm
spread
7.8
impact
2.5
exploitability
4.7
remediation
0.0
relevance
1.9
threat
0.0
urgency
2.9
incentive
0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.