Securing IoT Devices From Hackers Eye in 2026
Security Advisory: MediaTek disclosed critical vulnerabilities, along with remediation, for its modem and system components. The vulnerabilities affect thousands of devices and comprise multiple high- and medium-severity flaws across 60 chipsets used in smartphones, routers and IoT devices.
| OEM | MediaTek |
| Severity | High |
| CVSS Score | 8.3 (NOA) |
| CVEs | CVE-2025-20708, CVE-2025-20703, CVE-2025-20704, CVE-2025-20705, CVE-2025-20706, CVE-2025-20707 |
| POC Available | No |
| Actively Exploited | No |
| Exploited in Wild | No |
| Advisory Version | 1.0 |
Overview
MediaTek issued a critical security update in September 2025. Key issues include modem-related flaws such as remote code execution, denial of service via rogue base stations and local privilege escalation.
Other vulnerabilities include WLAN buffer overflows, bootloader logic flaws and keymaster information leaks impacting Android devices and OpenWRT/Yocto platforms. No active exploitation has been observed. MediaTek began distributing patches to OEMs from July 2025 and urges immediate firmware updates to mitigate the issues.
| Vulnerability Name | CVE ID | Product Affected | Severity |
|---|---|---|---|
| Out-of-bounds write in Modem | CVE-2025-20708 | Affected chipsets – 60 chipsets Modem NR15,16,17,17R software versions. | High |
| Out-of-bounds read in Modem | CVE-2025-20703 | Affected chipsets – 57 chipsets Modem NR15,16,17,17R software versions. | High |
| Out-of-bounds write in Modem | CVE-2025-20704 | Affected chipsets – 14 chipsets Modem NR17,17R software versions. | High |
| Use after free in monitor_hang | CVE-2025-20705 | Affected chipsets – 39 chipsets Android 13 – 16, openWRT 19.07, 21.02 / Yocto 2.6 software versions. | Medium |
| Use after free in mbrain | CVE-2025-20706 | Affected chipsets – 5 chipsets Android 14 – 15 software versions. | Medium |
| Use after free in geniezone | CVE-2025-20707 | Affected chipsets – 60 chipsets Android 13 – 15 software versions. | Medium |
Technical Summary
These vulnerabilities primarily include out-of-bounds read and write errors (CWE-125, CWE-787) and use-after-free issues (CWE-416), resulting from improper bounds checking and memory management flaws.
An attacker controlling a rogue base station can exploit these flaws remotely without requiring user interaction, potentially causing remote denial of service, unauthorized privilege escalation, or local privilege escalation if system privileges are already obtained. The exploitation of these vulnerabilities could compromise device stability, security and confidentiality by corrupting memory or executing arbitrary code. Affected devices use modem firmware versions NR15 through NR17R, and a wide spectrum of chipsets, highlighting the broad attack surface.
| CVE ID | Vulnerability Details | Impact |
|---|---|---|
| CVE-2025-20708 | An out-of-bounds write flaw exists in the Modem due to incorrect bounds checking. This vulnerability allows remote escalation of privilege when a UE connects to a rogue base station, without requiring additional execution privileges or user interaction. | Unauthorized access, data interception, disruption of cellular services |
| CVE-2025-20703 | The Modem is affected by an out-of-bounds read issue caused by improper bounds validation. This can result in remote denial of service if connected to a malicious base station, and exploitation requires no user interaction or extra privileges. | Denial of Service (DoS), modem or device crash, freeze, unresponsiveness |
| CVE-2025-20704 | Due to a missing bounds check, the Modem is vulnerable to an out-of-bounds write. Exploiting this flaw can lead to remote escalation of privilege when connected to a rogue base station, though user interaction is necessary. | Remote privilege escalation, unauthorized elevated access |
| CVE-2025-20705 | A use-after-free condition in the monitor_hang module can cause memory corruption, potentially leading to local escalation of privilege if the attacker already has System-level access. Exploitation does not require user interaction. | Local privilege escalation, memory corruption |
| CVE-2025-20706 | The mbrain component suffers from a use-after-free vulnerability that can result in memory corruption. This may allow local privilege escalation for an attacker with System privileges, without needing user interaction. | Local privilege escalation, memory corruption |
| CVE-2025-20707 | In the geniezone module, a use-after-free vulnerability can cause memory corruption and permit local privilege escalation if the attacker has System privileges, with no user interaction needed. | Local privilege escalation, memory corruption |
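The bounds-checking failure class named above (CWE-125, CWE-787), shown as an added illustration that is not MediaTek's code and does not reproduce any of the listed flaws: a walk over a constructed type-length-value message from an untrusted peer, with the unchecked copy beside a hardened parser. The message layout, the size limits and the function names are assumptions made for this example.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

#define IE_VAL_MAX 8   /* destination capacity per element (constructed value) */
#define IE_COUNT_MAX 4 /* elements accepted per message (constructed value) */

struct ie { uint8_t type, len, val[IE_VAL_MAX]; };

/* Unsafe pattern, shown for contrast and never called here: the length byte
 * supplied by the peer drives both the read and the write. */
void copy_ie_unchecked(const uint8_t *p, struct ie *out)
{
    out->type = p[0];
    out->len = p[1];
    memcpy(out->val, p + 2, out->len); /* CWE-125 on the read, CWE-787 on the write */
}

/* Hardened walk over a [type][len][value...] sequence (hypothetical layout).
 * Returns the number of elements parsed, or a negative code. Any malformed
 * element rejects the whole message rather than accepting part of it. */
int parse_ies(const uint8_t *msg, size_t msg_len, struct ie out[IE_COUNT_MAX])
{
    size_t off = 0;
    int n = 0;

    if (msg == NULL || out == NULL)
        return -1;
    while (off < msg_len) {
        if (msg_len - off < 2)
            return -2;                /* truncated type/length header */
        uint8_t len = msg[off + 1];
        if (len > msg_len - off - 2)
            return -3;                /* value runs past the received bytes */
        if (len > IE_VAL_MAX)
            return -4;                /* value larger than the destination */
        if (n == IE_COUNT_MAX)
            return -5;                /* more elements than the table holds */
        out[n].type = msg[off];
        out[n].len = len;
        memcpy(out[n].val, msg + off + 2, len);
        n++;
        off += 2 + (size_t)len;
    }
    return n;
}
```

Each comparison is written as a subtraction from a quantity already known to be large enough, so the checks themselves cannot wrap around.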
Recommendations:
Here are some recommendations below
Conclusion:
MediaTek’s recent security update addresses critical vulnerabilities, especially in modem firmware, that could allow remote attacks without user interaction. Although no active exploits have been found, the severity and scope of these flaws make it vital for manufacturers and users to promptly apply patches to protect devices and data.
The company reassures end users that proactive notification and remediation precede public disclosure, underscoring MediaTek’s commitment to chipset and product security.
References:
The National Institute of Standards and Technology (NIST) has finalized four lightweight cryptographic algorithms designed to safeguard data generated and transmitted by the Internet of Things (IoT) and other small-scale technologies.
NIST finalized the standard for the four lightweight cryptographic algorithms after a multiyear public review process followed by extensive interaction with the design community.
With IoT and embedded devices increasingly targeted by cybercriminals, the lightweight cryptography standard ensures strong security without overburdening limited hardware, paving the way for safer adoption in critical sectors like healthcare, transportation, and smart infrastructure.
Many connected devices, such as smart home systems, fitness trackers and other IoT applications, lack the processing power and memory to run conventional encryption methods.
NIST’s new lightweight cryptography standard addresses this challenge by offering algorithms that require significantly less computing power and time, while still providing strong protection against cyberattacks.
The new framework, Ascon-Based Lightweight Cryptography Standards for Constrained Devices (NIST SP 800-232), provides tools for authenticated encryption and hashing while minimizing energy, time, and memory usage.
Selected in 2023 after a global review, the Ascon algorithm family forms the core of the standard. Originally developed in 2014 by researchers at Graz University of Technology, Infineon Technologies, and Radboud University, Ascon has already proven its resilience through the CAESAR competition, where it was recognized as a leading lightweight encryption solution.
Key Features of the Standard
The standard is the result of a multiyear public review and extensive collaboration with the cryptographic design community. Its adoption will help ensure that even resource-constrained devices can securely protect sensitive information.
As NIST emphasizes, “it’s the little things that matter most.” With this new standard in place, even the smallest of networked electronics now have robust defenses against cyber threats.
Four related algorithms are now ready for use to protect data created and transmitted by the Internet of Things and other electronics.
Many networked devices do not possess the electronic resources that larger computers do, but they still need protection from cyberattacks. NIST’s lightweight cryptography standard will help.
The four algorithms in the standard require less computing power and time than more conventional cryptographic methods do, making them useful for securing data from resource-constrained devices such as those making up the Internet of Things.
In the standard are four variants from the Ascon family that give designers different options for different use cases. The variants focus on two of the main tasks of lightweight cryptography: authenticated encryption with associated data (AEAD) and hashing.
ASCON-128 AEAD – Enables secure data encryption and integrity checks while resisting side-channel attacks.
ASCON-Hash 256 – Provides lightweight integrity verification for firmware updates, passwords, and digital signatures.
ASCON-XOF 128 / ASCON-CXOF 128 – Flexible hash functions with customizable lengths for efficiency and collision resistance.
The CXOF variant also adds the ability to attach a customized “label” a few characters long to the hash. If many small devices perform the same encryption operation, there is a small but significant chance that two of them could output the same hash, which would offer attackers a clue about how to defeat the encryption. Adding customized labels would allow users to sidestep this potential problem.
McKay said the NIST team intends the standard not only to be of immediate use, but also to be expandable to meet future needs.
NIST researchers emphasize the standard’s immediate applicability across industries, from smart appliances to healthcare. Future updates may expand functionalities, including a dedicated message authentication code.
In India, regulatory bodies have issued frameworks such as TEC’s Code of Practice for Securing Consumer IoT Devices and the IoT System Certification Scheme to enforce baseline security.
These measures focus on secure boot, encrypted communications, and safe software updates for connected devices.
Sources: ‘Lightweight cryptography’ standard to protect small devices finalized