CVE-2025-61612
Improper Input Validation in NR Modem Causes Remote DoS
Publication date: 2026-03-09
Last updated on: 2026-03-09
Assigner: Unisoc
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| android | 13.0 | |
| android | 14.0 | |
| android | 15.0 | |
| android | 16.0 |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-20 | The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2025-61612 is a high-severity vulnerability found in the NR (New Radio) modem caused by improper input validation. This flaw can cause the system to crash remotely, leading to a denial of service (DoS) condition. The attack can be performed over the network without requiring any additional execution privileges.
How can this vulnerability impact me? :
This vulnerability can impact you by causing a remote denial of service (DoS) on affected devices. Specifically, it can crash the system remotely, making the device unavailable or unresponsive. Since no additional privileges are needed to exploit this flaw, it poses a significant risk to device availability.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
I don't know
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability involves a remote denial of service caused by improper input validation in the NR modem, which can lead to system crashes when exploited over the network.
Detection would typically involve monitoring for unusual modem crashes or service interruptions that occur without user interaction or privilege escalation.
Since the vulnerability is network exploitable, network traffic analysis tools could be used to detect suspicious or malformed input packets targeting the NR modem.
However, no specific detection commands or signatures are provided in the available information.
What immediate steps should I take to mitigate this vulnerability?
The available information does not specify explicit mitigation steps or patches.
General best practices would include updating affected devices to the latest firmware or software versions provided by the vendor that address this vulnerability.
Additionally, limiting network exposure of the NR modem and monitoring for unusual behavior may help reduce risk until a fix is applied.