How severe is CVE-2025-20794?

CVE-2025-20794 has a CVSS v3 score of 7.5 (HIGH).

CVE-2025-20794

7.5HIGH

In Modem, there is a possible system crash due to improper input validation. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with

Published: 1/6/2026Updated: 1/8/2026

Description

In Modem, there is a possible system crash due to improper input validation. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01689259 / MOLY01586470; Issue ID: MSV-4847.

AI AnalysisPowered by AI

Affected Products

mediateknr15

mediateknr16

mediateknr17

mediateknr17r

mediatekmt2735

mediatekmt2737

mediatekmt6813

mediatekmt6815

mediatekmt6833

mediatekmt6835

mediatekmt6853

mediatekmt6855

mediatekmt6873

mediatekmt6875

mediatekmt6877

mediatekmt6878

mediatekmt6879

mediatekmt6880

mediatekmt6883

mediatekmt6885

mediatekmt6886

mediatekmt6889

mediatekmt6890

mediatekmt6891

mediatekmt6893

mediatekmt6895

mediatekmt6896

mediatekmt6897

mediatekmt6899

mediatekmt6980

mediatekmt6983

mediatekmt6985

mediatekmt6986

mediatekmt6989

mediatekmt6990

mediatekmt6991

mediatekmt6993

mediatekmt8673

mediatekmt8675

mediatekmt8676

mediatekmt8678

mediatekmt8755

mediatekmt8771

mediatekmt8791

mediatekmt8791t

mediatekmt8792

mediatekmt8793

mediatekmt8795t

mediatekmt8797

mediatekmt8798

mediatekmt8863

mediatekmt8873

mediatekmt8883

mediatekmt8893

References

https://corp.mediatek.com/product-security-bulletin/January-2026
Vendor Advisory