CVE-2025-20634
Published: 03 February 2025
Description
In Modem, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01289384; Issue ID: MSV-2436.
Security Summary
CVE-2025-20634 is a critical vulnerability in the Modem component, stemming from a missing bounds check that enables an out-of-bounds write (CWE-787). It affects MediaTek modem implementations, as evidenced by the associated Patch ID MOLY01289384 and Issue ID MSV-2436. Published on 2025-02-03, the flaw carries a CVSS v3.1 base score of 9.8 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H), which falls in the Critical range and reflects its potential for remote code execution.
Exploitation requires an attacker to control a rogue base station, to which a user equipment (UE), such as a mobile device, connects. No additional execution privileges or user interaction are needed, allowing the attacker to trigger the out-of-bounds write and achieve remote code execution on the targeted UE over the network with low complexity.
MediaTek's February 2025 Product Security Bulletin provides details on mitigation, including the patch MOLY01289384 available at https://corp.mediatek.com/product-security-bulletin/February-2025. Security practitioners should prioritize applying this patch to affected devices to prevent exploitation.
Details
- CWE(s)