CVE-2025-61613 is a vulnerability identified in the NR (New Radio) modem firmware of Unisoc (Shanghai) Technologies Co., Ltd.'s T8100, T9100, T8200, and T8300 chipsets. These chipsets are integrated into various Android devices running versions 13 through 16. The root cause is improper input validation (CWE-20) within the modem's processing of network data, which can be manipulated remotely by an attacker to cause a system crash. This crash leads to a denial of service (DoS) condition, disrupting normal device operation. The vulnerability does not require any privileges or user interaction, making it remotely exploitable over the network. The CVSS v3.1 base score is 7.5, reflecting a high severity level due to the ease of exploitation (network vector, low attack complexity) and the impact limited to availability (no confidentiality or integrity impact). Although no patches or exploits are currently documented, the vulnerability's presence in widely deployed chipsets used in modern Android devices highlights the potential for significant disruption. The lack of execution privileges needed and the absence of user interaction requirements increase the risk profile. The vulnerability was reserved in late 2025 and published in early 2026, indicating recent discovery and disclosure.

The primary impact of CVE-2025-61613 is a remote denial of service on devices using affected Unisoc chipsets, which can cause system crashes and device unavailability. This can disrupt critical communications, especially in mobile networks relying on these chipsets for 5G NR connectivity. For organizations, this could mean loss of productivity, interrupted mobile services, and potential cascading effects if devices are used in operational technology or critical infrastructure. The lack of confidentiality or integrity compromise limits data breach risks, but the availability impact alone can be severe in environments dependent on continuous mobile connectivity. The vulnerability's ease of exploitation without authentication or user interaction increases the likelihood of widespread attacks once exploit code becomes available. This could affect individual users, enterprises, and service providers, particularly in regions with high market penetration of Unisoc-powered devices. The absence of known exploits currently provides a window for mitigation before active attacks emerge.

Organizations and users should monitor Unisoc and device vendor advisories for patches addressing this vulnerability and apply updates promptly once available. In the interim, network-level mitigations such as filtering or rate-limiting suspicious NR modem traffic could reduce exposure. Mobile network operators should consider deploying anomaly detection systems to identify unusual traffic patterns targeting NR modems. Device manufacturers should conduct thorough input validation testing on modem firmware to prevent similar issues. Enterprises deploying devices with these chipsets should implement mobile device management (MDM) policies to control device updates and monitor device health. Additionally, educating users about the importance of timely updates and avoiding untrusted networks can help reduce risk. Collaboration between chipset vendors, device manufacturers, and network operators is critical to ensure coordinated response and patch deployment. Given the lack of patches currently, proactive network defense and monitoring are essential to mitigate potential exploitation.