News
SBA Newsletter
Upcoming events @ SBA
SBA @ USENIX ATC ’25
09.07.2025
SHECURITY: Pizza & Conference Talks
17.07.2025
SBA Research at a glance
Young Researchers´ Day @ ICT Security Conference 2025 – Recap
A group of dedicated young researchers presented their work at the 21st ICT Security Conference on… ∞
Detection of Null Pointer Dereference in MediaTek VoLTE Stack Firmware with sipgate and ISMK Stralsund
Together with sipgate and ISMK Stralsund, Gabriel Gegenhuber, researcher at SBA Research and University of Vienna, and Michael Pucher, researcher at SBA research, discovered and investigated a vulnerability in the Voice of LTE (VoLTE) stack that is broadly used within MediaTek-based smartphones. ∞
SBA Security Advisory – Null pointer dereference in MediaTek Modem (CVE-2025-20647)
In the Mediatek modem, there is a possible system crash due to a missing bounds check. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. ∞