CVE-2025-71252

High

Published: 06 May 2026

Published

06 May 2026

Modified

06 May 2026

KEV Added

—

Patch

—

CVSS Score 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

EPSS Score 0.0006 19.7th percentile

Risk Priority 15 60% EPSS · 20% KEV · 20% CVSS

Description

In Modem IMS, there is a possible improper input validation. This could lead to remote denial of service with no additional execution privileges needed.

Security SummaryAI

CVE-2025-71252 is an improper input validation vulnerability in the Modem IMS component. This issue affects software or devices incorporating Modem IMS, as detailed in the Unisoc product security bulletin. The vulnerability carries a CVSS v3.1 base score of 7.5 (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H), reflecting high severity due to its potential for significant availability impact.

The vulnerability enables a remote attacker to exploit it over the network with low attack complexity, requiring no authentication privileges or user interaction. Successful exploitation results in a denial of service condition on the affected Modem IMS, disrupting service availability without compromising confidentiality or integrity.

Mitigation guidance is available in the Unisoc product security bulletin at https://www.unisoc.com/en/support/product-security-bulletin/2051836844671422466.

Details

CWE(s): None listed

References

https://www.unisoc.com/en/support/product-security-bulletin/2051836844671422466
security@unisoc.com