CVE-2025-31715 CRITICAL

CVE-2025-31715

Vendor Unisoc (Shanghai) Technologies Co., Ltd.
Product SL8521E/SL8521ET/ SL8541E/UIS8141E/UWS6137/UWS6137E/UWS6151(E)/UWS6152
Published August 18, 2025
Last update August 18, 2025

CVSS base score

9.8/10
Attack vector Network
Attack complexity Low
Privileges required None
User interaction None
Confidentiality High
Integrity High

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

What the vulnerability does

01Description

In vowifi service, there is a possible command injection due to improper input validation. This could lead to remote escalation of privilege with no additional execution privileges needed.

Key dates

02Disclosure timeline

August 18, 2025 CVE published
August 18, 2025 Record updated