CVE-2025-71256 Overview
CVE-2025-71256 is an improper input validation vulnerability in the Unisoc 5G New Radio (NR) modem. The flaw allows a remote attacker to trigger a denial of service condition without requiring authentication, user interaction, or elevated privileges. Successful exploitation disrupts modem availability on affected devices, impacting cellular connectivity for users.
The vulnerability is reachable over the network via the 5G NR radio interface. No additional execution privileges are required to trigger the condition. Unisoc disclosed the issue through its Product Security Bulletin.
Critical Impact
Remote attackers can cause a denial of service against the NR modem with no privileges or user interaction, disrupting cellular connectivity on affected devices.
Affected Products
- Unisoc NR modem (5G New Radio modem firmware)
- Devices integrating the affected Unisoc baseband chipset
- See the Unisoc Product Security Bulletin for the full list of impacted models
Discovery Timeline
- 2026-05-06 - CVE-2025-71256 published to NVD
- 2026-05-07 - Last updated in NVD database
Technical Details for CVE-2025-71256
Vulnerability Analysis
The vulnerability resides in the Unisoc 5G NR modem firmware, which fails to properly validate input received over the radio interface. When the modem processes a malformed message, the absent or insufficient validation causes the modem subsystem to enter an unstable state, terminating cellular service.
The attack surface is the 5G NR signaling stack, which parses control-plane messages from the network. An attacker operating a rogue base station, or one with the ability to inject crafted signaling traffic, can reach the vulnerable code path remotely. Confidentiality and integrity are not affected — the impact is limited to availability.
Root Cause
The root cause is improper input validation in the NR modem's message parsing logic. The firmware does not adequately verify the structure or bounds of fields in incoming radio protocol messages before processing them. Unisoc has not publicly disclosed the specific protocol message or field responsible. Refer to the Unisoc Product Security Bulletin for vendor-supplied technical details.
Attack Vector
Exploitation requires network adjacency to a target device on a 5G NR connection. An attacker can deploy a rogue gNodeB or perform signaling injection to deliver a crafted NR message to the victim modem. Because the flaw triggers without authentication or user interaction, mass exploitation against devices in radio range is feasible. The result is a modem crash or hang, severing cellular data and voice service until the modem recovers or the device is restarted. No verified proof-of-concept code is publicly available.
Detection Methods for CVE-2025-71256
Indicators of Compromise
- Unexpected loss of cellular connectivity across multiple devices in the same physical area
- Repeated modem resets, baseband restarts, or radio interface re-registration events in device logs
- Presence of unauthorized or unrecognized gNodeB / base station identifiers in the vicinity
Detection Strategies
- Monitor mobile device management (MDM) telemetry for spikes in modem crash reports or radio subsystem failures
- Correlate cellular outage reports with geolocation data to identify localized clusters indicative of a rogue base station
- Review carrier-side signaling logs for malformed NR control-plane messages targeting subscriber devices
Monitoring Recommendations
- Track baseband firmware versions across the device fleet to verify patch deployment status
- Enable detailed modem diagnostic logging on a sample of devices to capture pre-crash signaling traces
- Subscribe to the Unisoc Product Security Bulletin for advisory updates referencing CVE-2025-71256
How to Mitigate CVE-2025-71256
Immediate Actions Required
- Apply the firmware update from the device OEM as soon as it incorporates the Unisoc patch for CVE-2025-71256
- Identify all devices in the fleet using affected Unisoc baseband chipsets and prioritize them for update
- Educate users to report sudden, repeated loss of cellular service, which may indicate active exploitation
Patch Information
Unisoc has issued a fix referenced in its Product Security Bulletin. Patch delivery depends on the device OEM and carrier integration cycle. Consult the Unisoc Product Security Bulletin and the device manufacturer's update channel for availability.
Workarounds
- Restrict affected devices to 4G LTE where operationally acceptable, bypassing the vulnerable NR signaling path
- Avoid use of affected devices in untrusted radio environments until firmware updates are applied
- Power-cycle the device to restore connectivity after a suspected exploitation event
Disclaimer: This content was generated using AI. While we strive for accuracy, please verify critical information with official sources.

