CVE-2025-11131 – This vulnerability in nr modem software allows ... (How to Fix)

Q: What is the severity of CVE-2025-11131?

CVE-2025-11131 has a CVSS score of 7.5 (HIGH). This vulnerability in nr modem software allows remote attackers to cause a system crash through improper input validation, leading to denial of service. It affects systems using Unisoc's nr modem components, potentially impacting mobile devices and IoT equipment. No authentication is required for exploitation.

📋 TL;DR

This vulnerability in nr modem software allows remote attackers to cause a system crash through improper input validation, leading to denial of service. It affects systems using Unisoc's nr modem components, potentially impacting mobile devices and IoT equipment. No authentication is required for exploitation.

💻 Affected Systems

Products:

Unisoc nr modem components

Versions: Specific versions not detailed in advisory

Operating Systems: Embedded systems using Unisoc modems

Default Config Vulnerable: ⚠️ Yes

Notes: Affects devices with Unisoc nr modem chipsets; exact product list not specified in available advisory.

📦 What is this software?

⚠️ Risk & Real-World Impact

🔴

Worst Case

Complete system crash requiring physical reboot, potentially disrupting critical communications in affected devices.

🟠

Likely Case

Temporary denial of service affecting modem functionality until system restart.

🟢

If Mitigated

Limited impact with proper network segmentation and input validation controls in place.

🌐 Internet-Facing: HIGH

🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ✅ No

Weaponized: UNKNOWN

Unauthenticated Exploit: ⚠️ Yes

Complexity: LOW

No authentication required, but specific exploitation details not publicly available.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Not specified in advisory

Vendor Advisory: https://www.unisoc.com/en/support/announcement/1995394837938163714

Restart Required: Yes

Instructions:

1. Contact Unisoc for specific patch details. 2. Apply firmware update for affected modem components. 3. Reboot affected devices.

🔧 Temporary Workarounds

Network Segmentation

all

Isolate affected modem components from untrusted networks

Input Validation Filtering

all

Implement network-level input validation for modem communications

🧯 If You Can't Patch

Implement strict network access controls to limit exposure to modem interfaces
Monitor for abnormal modem behavior and system crashes

🔍 How to Verify

Check if Vulnerable:

Check device specifications for Unisoc nr modem components and consult vendor for vulnerability status

Check Version:

Device-specific; consult manufacturer documentation

Verify Fix Applied:

Verify modem firmware version against vendor's patched version list

📡 Detection & Monitoring

Log Indicators:

Unexpected modem resets
System crash logs mentioning modem components
Abnormal modem state changes

Network Indicators:

Unusual traffic patterns to modem interfaces
Malformed packets targeting modem ports

SIEM Query:

Not applicable without specific log formats

📊 Metadata

CVE ID: CVE-2025-11131

CVSS v3 Score: 7.5 (HIGH)

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

EPSS Score: 0.17% exploit probability (38.8th percentile)

Published: December 1, 2025

Last Updated: December 1, 2025

🔗 References

https://www.unisoc.com/en/support/announcement/1995394837938163714 Vendor Advisory

📤 Share & Export

📄 Export Markdown 📋 Export JSON

📋 TL;DR

💻 Affected Systems

📦 What is this software?

Android by Google

Android by Google

Android by Google

Android by Google

⚠️ Risk & Real-World Impact

Worst Case

Likely Case

If Mitigated

🎯 Exploit Status

🛠️ Fix & Mitigation

✅ Official Fix

Instructions:

🔧 Temporary Workarounds

Network Segmentation

Input Validation Filtering

🧯 If You Can't Patch

🔍 How to Verify

Check if Vulnerable:

Check Version:

Verify Fix Applied:

📡 Detection & Monitoring

Log Indicators:

Network Indicators:

SIEM Query:

📊 Metadata

🔗 References

📤 Share & Export