CVE-2025-61612 is a vulnerability identified in the NR (New Radio) modem firmware of several Unisoc chipsets: T7300, T8100, T9100, T8200, and T8300. These chipsets are integrated into various mobile devices running Android versions 13 through 16. The root cause is improper input validation (classified under CWE-20), which allows specially crafted network packets to trigger a system crash in the modem subsystem. This crash leads to a denial of service condition remotely, without requiring any authentication or user interaction, making it exploitable over the network with low complexity. The vulnerability affects the availability of the device's cellular modem functionality, potentially disrupting voice, data, and emergency services. The CVSS v3.1 base score is 7.5, reflecting high severity due to network attack vector, no privileges required, and no user interaction needed. No impact on confidentiality or integrity is noted. No public exploits have been reported yet, but the vulnerability is published and should be considered a significant risk for affected devices. The lack of patches at the time of reporting necessitates proactive mitigation strategies. The vulnerability is particularly relevant for mobile operators, device manufacturers, and end-users relying on Unisoc chipsets in their Android devices.

The primary impact of CVE-2025-61612 is a remote denial of service affecting the cellular modem functionality of devices using the specified Unisoc chipsets. This can lead to temporary or prolonged loss of network connectivity, affecting voice calls, SMS, mobile data, and emergency services. For organizations, this could disrupt critical communications, especially in sectors relying on mobile connectivity for operations such as emergency response, logistics, and remote work. The ease of exploitation (no privileges or user interaction needed) increases the risk of widespread attacks, potentially targeting large populations of devices. Although no confidentiality or integrity compromise is indicated, the availability impact alone can cause significant operational and reputational damage. The vulnerability could be leveraged in targeted attacks or mass disruption campaigns, particularly in regions with high Unisoc device penetration. The absence of known exploits currently provides a window for mitigation before active exploitation occurs.

1. Monitor Unisoc and device manufacturer advisories closely for official patches addressing this vulnerability and apply them promptly once available. 2. Until patches are released, implement network-level filtering to block or limit suspicious NR modem traffic patterns that could trigger the vulnerability. 3. Employ intrusion detection and prevention systems (IDS/IPS) capable of recognizing anomalous modem signaling or malformed packets targeting the NR modem. 4. For enterprise deployments, consider mobile device management (MDM) policies to restrict device network access or isolate vulnerable devices from critical infrastructure. 5. Encourage users to update their devices regularly and avoid connecting to untrusted or public cellular networks that may be used to exploit this vulnerability. 6. Collaborate with mobile network operators to monitor for unusual traffic patterns indicative of exploitation attempts. 7. Conduct internal testing on devices with affected chipsets to understand the impact and develop incident response plans for potential DoS events. 8. Maintain backups and alternative communication channels to mitigate operational disruptions caused by potential modem outages.