CVE-2025-31718
Received
Published: 11 Oct 2025, 01:15
Last modified:11 Oct 2025, 01:15
Vulnerability Summary
Overall Risk
Medium Risk
39/100 CVSS Score
9.8 CRITICAL
v3.1
EPSS Score
No data
CISA KEV
Not listed
Ransomware
No reports
Exploits
None found
Dark Web
Not detected
In modem, there is a possible system crash due to improper input validation. This could lead to remote escalation of privilege with no additional execution privileges needed.
Source Identifier: security@unisoc.com
| CVSS | Source | Severity | Exploitability | Impact | Vector |
|---|---|---|---|---|---|
| v4.0 | n/a | ||||
| v3.1 | security@unisoc.com | 9.8 CRITICAL | 3.9 | 5.9 | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H... |
| v3.0 | n/a | ||||
| v2.0 | n/a | ||||
Not listed in CISA Known Exploited Vulnerabilities catalog.
No dark web activity detected for this vulnerability.
No known public exploit code indexed (as of 11 Oct 2025, 01:15).
Exploitation status can change quickly once PoC code appears.
No affected systems information available.
| URL | Tags | Source |
|---|---|---|
| https://www.unisoc.com/en/support/announcement/1976557615080263681 | - | security@unisoc.com |