Overview
CVE-2025-20752 is a critical vulnerability affecting modems, potentially leading to a remote denial-of-service (DoS) condition. This vulnerability stems from a missing bounds check within the modem’s software, making it susceptible to exploitation by a malicious actor controlling a rogue base station. A successful exploit requires no user interaction and doesn’t need elevated privileges, making it particularly dangerous.
The vulnerability is identified with Patch ID MOLY01270690 and Issue ID MSV-4301.
Technical Details
The core of the vulnerability is a missing bounds check in the modem software. Because the check is absent, a specially crafted message from a rogue base station can crash the modem: the attacker sends malformed data that the modem does not validate, and the result is a denial of service. Since the User Equipment (UE) has already connected to the rogue base station, the attacker has full control over the data sent to the modem.
Specifically, without proper validation of the incoming data’s size or structure, the modem attempts to process it, which results in memory corruption and, ultimately, a system crash. This crash renders the modem unusable, disrupting network connectivity.
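The class of defect described above, as an added example that is not the vendor's or the modem's code: a parser for a hypothetical type-length-value element format, with the three bounds checks that attacker-controlled input requires. The element layout, `ie_extract`, `IE_VALUE_MAX` and the sample bytes are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

#define IE_VALUE_MAX 16   /* capacity of the destination buffer (assumed) */
enum ie_status { IE_OK = 0, IE_NOT_FOUND = -1, IE_MALFORMED = -2 };
struct ie_value { uint8_t len; uint8_t data[IE_VALUE_MAX]; };

/* Constructed sample messages (not captured traffic). */
const uint8_t SAMPLE_OK[]       = { 0x01, 0x02, 0xAA, 0xBB, 0x07, 0x03, 0x10, 0x20, 0x30 };
const uint8_t SAMPLE_OVERREAD[] = { 0x07, 0x40, 0x10, 0x20 };  /* claims 64 bytes, carries 2 */
const uint8_t SAMPLE_TRUNC[]    = { 0x01, 0x00, 0x07 };        /* second header cut short */

/* Walk a sequence of [type:1][length:1][value:length] elements and copy the
 * value of the first element whose type equals `wanted` into `out`. */
enum ie_status ie_extract(const uint8_t *msg, size_t msg_len,
                          uint8_t wanted, struct ie_value *out)
{
    size_t off = 0;
    while (off < msg_len) {
        /* Check 1: the 2-byte header itself must fit in what is left. */
        if (msg_len - off < 2)
            return IE_MALFORMED;
        uint8_t type = msg[off];
        uint8_t len  = msg[off + 1];
        off += 2;
        /* Check 2: the declared length must not run past the received bytes.
         * Without it, the copy below reads beyond the message. */
        if (len > msg_len - off)
            return IE_MALFORMED;
        if (type == wanted) {
            /* Check 3: the declared length must fit the fixed destination.
             * Without it, the copy below writes past out->data. */
            if (len > IE_VALUE_MAX)
                return IE_MALFORMED;
            memcpy(out->data, msg + off, len);
            out->len = len;
            return IE_OK;
        }
        off += len;
    }
    return IE_NOT_FOUND;
}

int main(void)
{
    struct ie_value v;
    /* Exit 0 only if the over-long element is rejected. */
    return ie_extract(SAMPLE_OVERREAD, sizeof SAMPLE_OVERREAD, 0x07, &v) == IE_MALFORMED ? 0 : 1;
}
```

Rejecting the whole message on the first inconsistent length, rather than clamping the length and continuing, keeps the parser from acting on data the sender never actually supplied.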
CVSS Analysis
According to the information available, the CVSS score and severity are currently listed as “N/A.” This could indicate that the score has not yet been calculated or that the vendor considers the issue low impact. However, the potential for remote denial of service suggests that the impact could be significant, depending on the affected devices and deployment scenarios. A thorough risk assessment is advised.
Possible Impact
The successful exploitation of CVE-2025-20752 can lead to the following:
- Remote Denial of Service (DoS): The primary impact is the disruption of network connectivity for affected devices.
- Service Interruption: Users of affected devices will be unable to make calls, send texts, or use data services.
- Potential for Chain Exploitation: While the immediate impact is DoS, further investigation is needed to rule out potential for more severe consequences, such as information disclosure or remote code execution, depending on how the system handles the crash.
Mitigation or Patch Steps
The recommended mitigation is to apply the provided patch identified as MOLY01270690. Device manufacturers and vendors using the affected modem software should integrate this patch into their firmware updates and distribute them to end-users as soon as possible.
End-users should ensure they install the latest firmware updates provided by their device manufacturers to protect their devices from this vulnerability. Keep an eye on official announcements from your device vendor for update availability.
