A high-severity vulnerability in NR modem firmware allows for a system crash via improper input validation, leading to a denial-of-service condition for 5G connectivity.

This vulnerability is caused by a failure to validate inputs within the New Radio (NR) modem stack. An unauthenticated attacker can send crafted packets over the air to trigger a system crash in the modem's processing unit.

The primary impact is a Denial of Service (DoS) that disconnects the device from the 5G network. For businesses relying on 5G for critical infrastructure or remote operations, this could lead to significant downtime. The CVSS score of 7.5 indicates a High severity due to the ease of triggering the crash and the resulting impact on availability.

Immediate Action: Apply the latest security patches provided by the hardware vendor or cellular service provider immediately.

Proactive Monitoring: Implement network-level monitoring to detect repeated connection failures or "re-attach" requests from devices in the same geographic area.

Compensating Controls: For critical infrastructure, ensure redundant communication paths (e.g., Wi-Fi or LTE fallback) are available in the event of a 5G modem crash.

Public Exploit Available: false

Immediate remediation through firmware updates is the only effective way to mitigate this risk. Organizations should coordinate with their hardware suppliers to ensure that the 5G modem firmware is updated across the entire fleet of devices to prevent widespread service disruption.