The vulnerability resides in the Modem IMS component of Unisoc's SC series processors. It arises from improper input validation that can be triggered by crafted packets. An attacker does not need elevated privileges; successfully exploiting the flaw can cause the modem to crash or reset, leading to a loss of network connectivity. The flaw results in a denial of service without affecting confidentiality or integrity, but it can disrupt communications for any user relying on the affected device.

Affected vendors and products include Unisoc (Shanghai) Technologies Co., Ltd., specifically the SC7731E, SC9832E, SC9863A, T310, T610, T618, T7200, T7225, T7250, T7255, T7280, T7300, T8100, T9100, T8200, and T8300. The vulnerability impacts the Modem IMS module within these chipsets or devices that incorporate them. The current data does not list a specific patched version, so users should consult the vendor for firmware updates.

With a CVSS score of 7.5, the flaw is considered high severity. The EPSS is unavailable, so the likelihood of exploitation cannot be quantified from EPSS data. The vulnerability is not listed in the CISA KEV catalog, suggesting there may be no known public exploitation campaigns. However, because the attacker can trigger the denial of service remotely by sending malformed traffic to the Modem IMS interface, the attack vector is likely network-based. The absence of privilege escalation means the threat is limited to service interruption, but it can severely affect availability for users of the affected devices.