CVE-2025-71256

High

Published: 06 May 2026

Published

06 May 2026

Modified

06 May 2026

KEV Added

—

Patch

—

CVSS Score 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

EPSS Score 0.0008 22.2th percentile

Risk Priority 15 60% EPSS · 20% KEV · 20% CVSS

Description

In nr modem, there is a possible improper input validation. This could lead to remote denial of service with no additional execution privileges needed.

Security SummaryAI

CVE-2025-71256 is a vulnerability involving improper input validation in the nr modem. This issue affects the nr modem component and was published on 2026-05-06T02:16:05.213 with a CVSS v3.1 base score of 7.5 (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H).

A remote attacker with no privileges or user interaction required can exploit this vulnerability over the network with low attack complexity. Successful exploitation leads to a denial of service, resulting in high impact to availability with no impact to confidentiality or integrity.

Unisoc has published a product security bulletin addressing this vulnerability at https://www.unisoc.com/en/support/product-security-bulletin/2051836844671422466.

Details

CWE(s): None listed

References

https://www.unisoc.com/en/support/product-security-bulletin/2051836844671422466
security@unisoc.com