CVE-2025-31717

CVSS 7.5 HIGHEPSS 0.6%

In short

A modem can crash when it receives specially crafted network messages due to lack of proper input checking. An attacker can remotely cause the modem to stop working without needing any special access.

Technical detail

The vulnerability exists in the modem's input validation layer, allowing an unauthenticated remote attacker to send malformed packets that trigger a crash condition. The attack vector is network-based with no privilege escalation required, resulting in denial of service availability impact.

Summary generated and translated by AI from the official description.

In modem, there is a possible system crash due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed.

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected products

Unisoc (Shanghai) Technologies Co., Ltd. · T750/T765/T760/T770/T820/S8000/T8300/T9300

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://www.unisoc.com/en/support/announcement/1976557615080263681