Remote DoS in MediaTek Modem via Error Handling Crash
CVE-2025-20762 Published on January 6, 2026
In Modem, there is a possible system crash due to incorrect error handling. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01685181; Issue ID: MSV-4760.
Vulnerability Analysis
Weakness Type
What is an assertion failure Vulnerability?
The product contains an assert() or similar statement that can be triggered by an attacker, which leads to an application exit or other behavior that is more severe than necessary.
CVE-2025-20762 has been classified to as an assertion failure vulnerability or weakness.
Products Associated with CVE-2025-20762
You can be notified by email with stack.watch whenever vulnerabilities like CVE-2025-20762 are published in these products:
Affected Versions
MediaTek, Inc. MediaTek chipset:- Version MT6835 is affected.
- Version MT6835T is affected.
- Version MT6878 is affected.
- Version MT6878M is affected.
- Version MT6897 is affected.
- Version MT6899 is affected.
- Version MT6991 is affected.
- Version MT8676 is affected.
- Version MT8678 is affected.
- Version MT8755 is affected.
- Version MT8792 is affected.
- Version MT8793 is affected.
- Version MT8863 is affected.
- Version MT8873 is affected.
- Version MT8883 is affected.
Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.