Login Sign Up

CVE-2025-61616

7.5 HIGH
Denial of Service

📋 TL;DR

This vulnerability in nr modem software allows remote attackers to cause a system crash through improper input validation, leading to denial of service. The attack requires no special privileges and affects systems using vulnerable nr modem implementations. This impacts telecommunications infrastructure and devices relying on this modem technology.

💻 Affected Systems

Products:
  • Unisoc nr modem implementations
Versions: Specific versions not detailed in reference; consult vendor advisory
Operating Systems: Embedded systems using affected modem firmware
Default Config Vulnerable: ⚠️ Yes
Notes: Affects systems with nr modem functionality enabled; exact product models not specified in available information

📦 What is this software?

Android by Google

View all CVEs affecting Android →

Android by Google

View all CVEs affecting Android →

Android by Google

View all CVEs affecting Android →

Android by Google

View all CVEs affecting Android →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Complete system crash leading to extended service disruption, potentially affecting multiple connected devices or network segments.

🟠

Likely Case

Temporary denial of service affecting individual devices or localized network segments until system restart.

🟢

If Mitigated

Limited impact with proper network segmentation and monitoring, allowing quick detection and recovery.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Remote exploitation without authentication suggests relatively straightforward attack vectors

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Consult vendor advisory for specific patched versions

Vendor Advisory: https://www.unisoc.com/en/support/announcement/2030931350138310657

Restart Required: Yes

Instructions:

1. Review vendor advisory for affected products
2. Obtain firmware update from vendor
3. Apply firmware update following vendor instructions
4. Restart affected systems

🔧 Temporary Workarounds

Network segmentation

all

Isolate vulnerable modem systems from untrusted networks

Input validation at network perimeter

all

Implement additional input validation at network boundaries

🧯 If You Can't Patch

  • Implement strict network access controls to limit exposure to trusted sources only
  • Monitor for abnormal modem behavior and system crashes with automated alerting

🔍 How to Verify

Check if Vulnerable:

Check modem firmware version against vendor advisory; monitor for unexplained system crashes

Check Version:

Vendor-specific command; consult device documentation

Verify Fix Applied:

Verify firmware version matches patched version from vendor advisory; test system stability

📡 Detection & Monitoring

Log Indicators:

  • Unexpected system crashes
  • Modem error messages
  • Kernel panic logs

Network Indicators:

  • Unusual traffic patterns to modem interfaces
  • Connection attempts to modem ports

SIEM Query:

Search for 'crash', 'panic', or 'modem error' in system logs within short timeframes

📊 Metadata

CVE ID: CVE-2025-61616
CVSS v3 Score: 7.5 (HIGH)
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CWE: CWE-20
Published: March 9, 2026
Last Updated: March 9, 2026

🔗 References

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2025-61616, you might also want to check these:

CVE-2022-47190 10.0

CVE-2022-47190 allows remote attackers to upload malicious firmware containing a webshell to Generex...

Same vulnerability type (CWE-20)
CVE-2020-12388 10.0

This vulnerability allows attackers to escape Firefox's content process sandbox on Windows systems, ...

Same vulnerability type (CWE-20)
CVE-2024-3400 10.0

CVE-2024-3400 is a critical command injection vulnerability in Palo Alto Networks PAN-OS GlobalProte...

Same vulnerability type (CWE-20)