How to fix CVE-2025-61612?

Within 24 hours: Inventory all NR modems in production and assess exposure scope; establish incident response readiness for potential DoS events. Within 7 days: Implement network segmentation to isolate modem management interfaces; enable enhanced monitoring and logging for anomalous traffic patterns directed at affected systems. Within 30 days: Contact vendor for patch availability timeline; evaluate alternative modem solutions; deploy compensating controls such as rate limiting and input validation at network boundaries.

Is Android affected by CVE-2025-61612?

CVE-2025-61612 affects NR modem systems and can be exploited remotely to cause service outages without requiring special privileges. Organizations operating these modems face potential denial of service attacks that could disrupt connectivity and business operations until patching becomes available.

CVE-2025-61612

HIGH

2026-03-09 [email protected]

7.5

CVSS 3.1

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

None

Integrity

None

Availability

High

Lifecycle Timeline

Analysis Generated

Mar 12, 2026 - 21:56 vuln.today

CVE Published

Mar 09, 2026 - 09:16 nvd

HIGH 7.5

Description

In nr modem, there is a possible system crash due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed.

Analysis

In nr modem, there is a possible system crash due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed. [CVSS 7.5 HIGH]

Technical Context

Classified as CWE-20 (Improper Input Validation). Affects Android. In nr modem, there is a possible system crash due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed.

Affected Products

Vendor: Google. Product: Android. Versions: up to 13.0.

Remediation

Monitor vendor advisories for a patch. Restrict network access to the affected service where possible.

Priority Score

Low Medium High Critical

KEV: 0

EPSS: +0.2

CVSS: +38

POC: 0

CVE-2025-61612 vulnerability details – vuln.today

Back

CVE-2025-61612

CVSS Vector

Lifecycle Timeline

Tags

Description

Analysis

Technical Context

Affected Products

Remediation

Priority Score

Share

CVE-2025-61612

CVSS Vector

Lifecycle Timeline

Tags

Description

Analysis

Technical Context

Affected Products

Remediation

Priority Score

Share

External POC / Exploit Code