Security Bulletin

Summary
  • Security CVES
  • High CVE-2025-61610,CVE-2025-61609,CVE-2025-61608,CVE-2025-61607,CVE-2025-61619,CVE-2025-61618,CVE-2025-61617,CVE-2025-3012,CVE-2025-11133,CVE-2025-11132,CVE-2025-11131
Minutia
  • CVE ID CVE-2025-61610
  • Title Improper Input Validation in nr modem
  • Description

    In nr modem, there is a possible system crash due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed.

  • Technology Area Modem
  • Vulnerability Type CWE-20 Improper Input Validation
  • Access Vector Network
  • CVSS Rating High
  • CVSS Score 7.5
  • CVSS String CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  • Affected Chipsets*

    T8100/T8200/T8300/T9100

  • Affected Software Versions

    Android13/Android14/Android15/Android16

  • CVE ID CVE-2025-61609
  • Title Improper Input Validation in modem
  • Description

    In modem, there is a possible system crash due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed.

  • Technology Area Modem
  • Vulnerability Type CWE-20 Improper Input Validation
  • Access Vector Network
  • CVSS Rating High
  • CVSS Score 7.5
  • CVSS String CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  • Affected Chipsets*

    T8100/T8200/T8300/T9100

  • Affected Software Versions

    Android13/Android14/Android15/Android16

  • CVE ID CVE-2025-61608
  • Title Improper Input Validation in nr modem
  • Description

    In nr modem, there is a possible system crash due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed.

  • Technology Area Modem
  • Vulnerability Type CWE-20 Improper Input Validation
  • Access Vector Network
  • CVSS Rating High
  • CVSS Score 7.5
  • CVSS String CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  • Affected Chipsets*

    T8100/T8200/T8300/T9100

  • Affected Software Versions

    Android13/Android14/Android15/Android16

  • CVE ID CVE-2025-61607
  • Title Improper Input Validation in nr modem
  • Description

    In nr modem, there is a possible system crash due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed.

  • Technology Area Modem
  • Vulnerability Type CWE-20 Improper Input Validation
  • Access Vector Network
  • CVSS Rating High
  • CVSS Score 7.5
  • CVSS String CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  • Affected Chipsets*

    T8100/T8200/T8300/T9100

  • Affected Software Versions

    Android13/Android14/Android15/Android16

  • CVE ID CVE-2025-61619
  • Title Improper Input Validation in nr modem
  • Description

    In nr modem, there is a possible system crash due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed.

  • Technology Area Modem
  • Vulnerability Type CWE-20 Improper Input Validation
  • Access Vector Network
  • CVSS Rating High
  • CVSS Score 7.5
  • CVSS String CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  • Affected Chipsets*

    T8100/T8200/T8300/T9100

  • Affected Software Versions

    Android13/Android14/Android15/Android16

  • CVE ID CVE-2025-61618
  • Title Improper Input Validation in nr modem
  • Description

    In nr modem, there is a possible system crash due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed.

  • Technology Area Modem
  • Vulnerability Type CWE-20 Improper Input Validation
  • Access Vector Network
  • CVSS Rating High
  • CVSS Score 7.5
  • CVSS String CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  • Affected Chipsets*

    T8100/T8200/T8300/T9100

  • Affected Software Versions

    Android13/Android14/Android15/Android16

  • CVE ID CVE-2025-61617
  • Title Improper Input Validation in nr modem
  • Description

    In nr modem, there is a possible system crash due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed.

  • Technology Area Modem
  • Vulnerability Type CWE-20 Improper Input Validation
  • Access Vector Network
  • CVSS Rating High
  • CVSS Score 7.5
  • CVSS String CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  • Affected Chipsets*

    T8100/T8200/T8300/T9100

  • Affected Software Versions

    Android13/Android14/Android15/Android16

  • CVE ID CVE-2025-3012
  • Title Out-of-bounds Read in dpc modem
  • Description

    In dpc modem, there is a possible system crash due to null pointer dereference. This could lead to remote denial of service with no additional execution privileges needed.

  • Technology Area Modem
  • Vulnerability Type CWE-125 Out-of-bounds Read
  • Access Vector Network
  • CVSS Rating High
  • CVSS Score 7.5
  • CVSS String CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  • Affected Chipsets*

    T8100/T8200/T8300/T9100

  • Affected Software Versions

    Android13/Android14/Android15/Android16

  • CVE ID CVE-2025-11133
  • Title Improper Input Validation in nr modem
  • Description

    In nr modem, there is a possible system crash due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed.

  • Technology Area Modem
  • Vulnerability Type CWE-20 Improper Input Validation
  • Access Vector Network
  • CVSS Rating High
  • CVSS Score 7.5
  • CVSS String CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  • Affected Chipsets*

    T8100/T8200/T8300/T9100

  • Affected Software Versions

    Android13/Android14/Android15/Android16

  • CVE ID CVE-2025-11132
  • Title Improper Input Validation in nr modem
  • Description

    In nr modem, there is a possible system crash due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed.

  • Technology Area Modem
  • Vulnerability Type CWE-20 Improper Input Validation
  • Access Vector Network
  • CVSS Rating High
  • CVSS Score 7.5
  • CVSS String CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  • Affected Chipsets*

    T8100/T8200/T8300/T9100

  • Affected Software Versions

    Android13/Android14/Android15/Android16

  • CVE ID CVE-2025-11131
  • Title Improper Input Validation in nr modem
  • Description

    In nr modem, there is a possible system crash due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed.

  • Technology Area Modem
  • Vulnerability Type CWE-20 Improper Input Validation
  • Access Vector Network
  • CVSS Rating High
  • CVSS Score 7.5
  • CVSS String CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  • Affected Chipsets*

    T8100/T8200/T8300/T9100

  • Affected Software Versions

    Android13/Android14/Android15/Android16

*The list of affected chipsets may not be complete. For latest information, device OEMs can contact directly at https://unisupport.unisoc.com

Vulnerability type definition
  • Abbreviation Interpretation
  • RCE Remote Code Execution
  • EoP Elevation of Privilege
  • ID Information Disclosure
  • DoS Denial of Service
  • N/A Classification not available
Version
  • Version Date Description
  • 1.0 2025-12-01