CVE-2025-61613
Published: 09 March 2026
Summary
CVE-2025-61613 is a high-severity Improper Input Validation (CWE-20) vulnerability in Google Android. Its CVSS base score is 7.5 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Application or System Exploitation (T1499.004); ranked at the 22.0th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.
The strongest mitigations our analysis identified are NIST 800-53 SC-5 (Denial-of-service Protection) and SI-10 (Information Input Validation).
Deeper analysis
CVE-2025-61613 is a vulnerability in the nr modem stemming from improper input validation (CWE-20), which can trigger a system crash. This issue affects the nr modem component, as indicated by the vendor's advisory.
A remote attacker requires no privileges, user interaction, or additional execution rights to exploit this over the network with low attack complexity. Successful exploitation results in a denial of service via system crash, with no impact on confidentiality or integrity. The CVSS v3.1 base score is 7.5 (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H).
Unisoc has issued an announcement detailing the vulnerability at https://www.unisoc.com/en/support/announcement/2030931350138310657.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2025-208388
Vulnerability details
In nr modem, there is a possible system crash due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed.
- CWE(s)
Related Threats
MITRE ATT&CK Enterprise TechniquesAI
Why these techniques?
Improper input validation in nr modem enables remote unauthenticated exploitation causing system crash, directly matching Endpoint DoS via Application or System Exploitation.
CVEs Like This One
Affected Assets
Mitigating Controls
Mitigating Controls (NIST 800-53 r5) AI
Directly mandates input validation mechanisms at system entry points, preventing system crashes in the nr modem from malformed network inputs due to improper validation.
Protects against remote denial-of-service attacks like the nr modem crash by limiting effects and identifying sources of such exploits.
Ensures identification and correction of flaws like improper input validation in the nr modem, mitigating the vulnerability through timely remediation.