CVE-2025-61610 is a vulnerability identified in the NR (New Radio) modem component of Unisoc (Shanghai) Technologies Co., Ltd.'s T8100, T9100, T8200, and T8300 chipsets. These chipsets are integrated into various mobile devices running Android versions 13 through 16. The root cause of the vulnerability is improper input validation (CWE-20), which allows specially crafted remote inputs to cause a system crash. This leads to a denial of service (DoS) condition without requiring any authentication or user interaction, making exploitation straightforward over the network. The vulnerability affects the availability of the device by crashing the modem subsystem, potentially disrupting cellular connectivity and device functionality. The CVSS v3.1 base score is 7.5, reflecting a high severity due to network attack vector, low attack complexity, no privileges required, and no user interaction needed. While there are no known exploits in the wild yet, the vulnerability poses a significant risk to devices using these chipsets, especially in environments where continuous connectivity is critical. No patches have been published at the time of disclosure, so mitigation relies on network controls and monitoring. The vulnerability does not impact confidentiality or integrity but can cause service outages, which may affect user experience and operational continuity in affected devices.

For European organizations, the primary impact of CVE-2025-61610 is the potential for remote denial of service on mobile devices using Unisoc T8100/T9100/T8200/T8300 chipsets. This can disrupt cellular connectivity, affecting communication, data access, and mobile-dependent operations. Critical sectors such as telecommunications, emergency services, finance, and government agencies relying on mobile networks could experience operational interruptions. The vulnerability could also impact IoT devices and embedded systems using these chipsets, potentially affecting industrial control systems or smart city infrastructure. Although the vulnerability does not compromise data confidentiality or integrity, the loss of availability can lead to productivity losses, service downtime, and increased operational risk. The ease of exploitation without authentication or user interaction increases the threat level, especially in environments with exposed network interfaces. Organizations with mobile fleets or BYOD policies should be aware of this risk and prepare incident response plans for potential DoS scenarios.

1. Monitor vendor communications closely for official patches or firmware updates addressing this vulnerability and apply them promptly once available. 2. Implement network-level filtering and intrusion prevention systems (IPS) to detect and block malformed or suspicious NR modem traffic that could trigger the crash. 3. Employ mobile device management (MDM) solutions to monitor device health and automate patch deployment when updates are released. 4. Restrict network exposure of vulnerable devices by limiting access to trusted networks and using VPNs or private APNs where possible. 5. Conduct regular security assessments and penetration testing focusing on mobile network components to identify potential exploitation attempts. 6. Educate users and IT staff about signs of device instability or unexpected reboots that may indicate exploitation attempts. 7. Collaborate with telecom providers to understand the deployment footprint of Unisoc chipsets and coordinate mitigation efforts. 8. Prepare incident response plans specifically addressing denial of service scenarios affecting mobile connectivity.