Severity by source
AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Lifecycle Timeline
1DescriptionCVE.org
In IMS, there is a possible system crash due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed.
AnalysisAI
Remote attackers can crash Unisoc chipset IMS (IP Multimedia Subsystem) implementations through network-accessible malformed input, causing complete denial of service with no authentication required. Affects 17 Unisoc chipset models (SC7731E, SC9832E, SC9863A, T-series T310 through T8300) used in mobile devices. CVSS 7.5 (High) reflects direct network exposure and ease of exploitation (AV:N/AC:L/PR:N), though impact is limited to availability. No public exploit code identified at time of analysis, and EPSS data not available for assessment.
Technical ContextAI
IMS (IP Multimedia Subsystem) is the 3GPP standardized framework for delivering voice and multimedia services over IP networks, including VoLTE (Voice over LTE) and Wi-Fi calling. This vulnerability exists in Unisoc's IMS stack implementation across multiple mobile chipset platforms (SC-series and T-series). The root cause involves insufficient input validation when processing network traffic destined for IMS services. Unisoc chipsets are widely deployed in budget and mid-range smartphones, particularly in Asian and emerging markets. The affected CPE indicates platform-level vulnerability spanning 17 distinct chipset models from entry-level (SC7731E) to mid-range (T8300) processors. Without CWE classification, the precise validation failure type is unclear, but network-reachable input validation flaws in IMS typically involve SIP message parsing, SDP negotiation, or XCAP configuration protocols.
RemediationAI
Apply firmware updates from Unisoc or device manufacturers incorporating the IMS input validation fixes for affected chipset models per the vendor security bulletin at https://www.unisoc.com/en/support/product-security-bulletin/2051836844671422466. End users should check with device manufacturers (OEMs) for security updates addressing CVE-2025-71251. If patches are unavailable or delayed, network-level mitigations include restricting IMS traffic to known carrier IP ranges through firewall rules (though this may be impractical for mobile devices), or temporarily disabling VoLTE and Wi-Fi calling features in device settings to reduce IMS attack surface, accepting reduced call quality and fallback to legacy circuit-switched voice. Enterprise mobility management solutions can enforce configuration policies disabling IMS features on managed devices pending patch deployment. For carrier networks, implement anomaly detection for malformed IMS signaling traffic patterns that could indicate exploitation attempts.
More in Sc7731E Sc9832E Sc9863A T310 T610 T618 T7200 T7225 T7250 T7255 T7280 T7300 T8100 T9100 T8200 T8300
View allRemote denial of service in the IMS (IP Multimedia Subsystem) implementation of Unisoc mobile chipsets allows an unauthe
Remote denial of service in Unisoc modem IMS implementation across 16 chipset families (SC7731E through T8300) allows un
Remote denial of service in Unisoc modem IMS (IP Multimedia Subsystem) implementation allows unauthenticated network att
Remote denial of service in Unisoc modem IMS stack allows network attackers to crash affected devices through malformed
Remote denial of service in Unisoc Modem IMS stack allows unauthenticated network attackers to crash mobile devices thro
Same technique Denial Of Service
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2025-209647
GHSA-rvm7-7x4c-96v8