CVE-2025-71253
Published: 06 May 2026
Description
In Modem IMS, there is a possible improper input validation. This could lead to remote denial of service with no additional execution privileges needed.
Security SummaryAI
CVE-2025-71253 is an improper input validation vulnerability in Modem IMS, a component likely associated with Unisoc modem implementations. Published on 2026-05-06, it enables remote denial of service without requiring additional execution privileges. The issue carries a CVSS v3.1 base score of 7.5 (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H), highlighting its potential for high-impact availability disruption.
Attackers can exploit this vulnerability remotely over the network with low complexity, no privileges, and no user interaction required. Any unauthenticated remote actor capable of sending malformed input to the affected Modem IMS component could trigger the denial of service, rendering the service unavailable and potentially impacting device connectivity or telephony functions.
Unisoc has published a product security bulletin addressing this vulnerability at https://www.unisoc.com/en/support/product-security-bulletin/2051836844671422466, which security practitioners should consult for details on patches, workarounds, or mitigation guidance.
Details
- CWE(s)