Report Vulnerability

Unisoc takes the security very seriously and strives to address any security-related issues quickly and appropriately. If you have found a potential security issue in any Unisoc product, please get in touch with us via email: security@unisoc.com. For encrypted communication, you may use our public key.

Information Required:

The following information will help us to evaluate your submission as quickly as possible. If available, please include it in your report:

The issue summary and impact.

Device(s), Product(s), and Software Version(s) (if Android, the Android version, and security patch level) are affected.

Vulnerability overview (e.g. buffer overflow, Out-of-bounds Read, etc.).

Issue description and impact (e.g. information disclosure, bypass the verification, etc.).

Instructions or Steps to Reproduce.

Supported Materials/References.

A proof-of-concept (POC) (including video, image, APK, sample code, etc.).

Expected correct behavior or workaround.

Disclosure plans, if any.

Information You May Care About

We try to address security issues and communicate to our customers within 90 days (e.g. through security bulletins). But there may be unforeseen problems that prevent us from doing so. We will keep you updated throughout the process at the right time.

Rate vulnerabilities based on the Common Vulnerability Scoring System version 3.1 (CVSS v3.1). We reserve the right to deviate from the guidelines if some specific cases are not described in the CVSS score.

Public Key

Please refer to the below information for encrypted communication to security@unisoc.com .
Key Detials:

    key fingerprint: 4280 B61A 1678 178E 28DF 0592 D9CB A039 EA1C 9C1C <PGP Public Key>.

    2026/4/1  [expires: 2028/4/1]