CVE-2025-13952 — Vulnetix

CVE-2025-13952 PUBLISHED CVSS 7.5 HIGH

In nr modem, there is a possible system crash due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed.

EPSS 0.03% · 7.7th percentile

Risk Scores

CVSS 3.1

7.5

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

EPSS Score

0.03%

7.7th percentile

Affected Products

Vendor	Product	Versions
Unisoc (Shanghai) Technologies Co., Ltd.	T7300/T8100/T9100/T8200/T8300	*

Exploit Intelligence

https://www.unisoc.com/en/support/announcement/2030931350138310657 (circl)
CIRCL seen: CVE-2025-61612 (circl-sighting)

Timeline

Dec 3, 2025 CVE ID Reserved
Jan 24, 2026 EPSS Score
Jan 24, 2026 CVE Published
Jan 26, 2026 CVE Updated
Jan 27, 2026 EPSS Score
Jan 29, 2026 EPSS Score
Feb 1, 2026 EPSS Score
Feb 3, 2026 EPSS Score
Feb 6, 2026 EPSS Score
Feb 9, 2026 EPSS Score
Feb 11, 2026 EPSS Score
Feb 14, 2026 EPSS Score

References

https://source.android.com/docs/security/bulletin/2026/2026-03-01?hl=fr advisory
https://www.unisoc.com/en/support/announcement/2030931350138310657 url

Open in Interactive Console →