CVE-2025-58409 — Vulnetix

CVE-2025-58409 PUBLISHED CVSS 7.5 HIGH

In nr modem, there is a possible system crash due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed.

EPSS 0.03% · 7.5th percentile

Risk Scores

CVSS 3.1

7.5

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

EPSS Score

0.03%

7.5th percentile

Affected Products

Vendor	Product	Versions
Unisoc (Shanghai) Technologies Co., Ltd.	T7300/T8100/T9100/T8200/T8300	Android13/Android14/Android15/Android16

Exploit Intelligence

https://www.unisoc.com/en/support/announcement/2030931350138310657 (circl)
CIRCL seen: CVE-2025-61612 (circl-sighting)

Timeline

Jan 13, 2026 CVE Published
Jan 14, 2026 EPSS Score
Jan 14, 2026 CVE Updated
Jan 17, 2026 EPSS Score
Jan 20, 2026 EPSS Score
Jan 23, 2026 EPSS Score
Jan 26, 2026 EPSS Score
Jan 29, 2026 EPSS Score
Feb 1, 2026 EPSS Score
Feb 4, 2026 EPSS Score
Feb 7, 2026 EPSS Score
Feb 10, 2026 EPSS Score

References

https://source.android.com/docs/security/bulletin/2026/2026-03-01?hl=fr advisory
https://www.unisoc.com/en/support/announcement/2030931350138310657 url

Open in Interactive Console →