XML 25 R8.htm IDEA: XBRL DOCUMENT v3.25.1
Cybersecurity Risk Management and Strategy Disclosure
12 Months Ended
Dec. 31, 2024
Cybersecurity Risk Management, Strategy, and Governance [Line Items]  
Cybersecurity Risk Management Processes for Assessing, Identifying, and Managing Threats [Text Block]
Risk management and strategy
The assessment, identification and management of material risks from cybersecurity threats are integrated into the Company’s overall risk management processes. The Enterprise Information Security Committee (EISC) is responsible for assessing the risk level of information security and cybersecurity, taking appropriate actions and regularly reviewing the effectiveness of those actions. Cybersecurity risks and related matters are reported to the Enterprise Risk Management Committee, which manages and oversees overall enterprise risk, regularly reviews the likelihood of each risk occurring and how its severity may change over time, and understands and assesses the effectiveness of risk management programs and the related control operations.
We engage third parties in connection with these information security risk management processes. We have strengthened our information security processes and cybersecurity risk management by obtaining certifications such as ISO 27001 (information security management systems) and ISO 15408 (Common Criteria security evaluation) with the aim of reducing security risk and production anomalies. Continuous improvement is driven by annual recertification audits conducted by third parties. We also commission regular third-party penetration tests and carry out the resulting hardening and remediation to reduce information security risks.
We have established processes to oversee and identify risks from cybersecurity threats associated with our use of any third-party service provider. We have also built a multi-layer defense mechanism comprising firewalls, intrusion detection, antivirus systems, vulnerability scanning, a patch management procedure and penetration testing. When using third-party services, we apply information security and cybersecurity management measures, including data encryption and log tracing, to protect our information effectively.
Cybersecurity threats expose the Company not only to data leakage and ransom demands but also to interruption of our production systems, which could cause serious operating losses or damage the Company’s reputation. In response to previous cybersecurity incidents and potential cyber-attacks, we have enhanced our cybersecurity protection mechanisms, for example by upgrading our antivirus software with behavior-based detection capability and by implementing strict controls on information devices entering and leaving our facilities, to minimize potential impact. We have also carried information security insurance since 2019 as one measure to mitigate information security risks, and we have joined the SEMICON TAIWAN cybersecurity committee as part of our responsibility as a local enterprise.
Governance
Our information security and cybersecurity policy, which applies to us and our subsidiaries, is based on the following principles: (i) to establish Information Security Management rules in accordance with customer requirements, (ii) to reach a consensus, through company-wide awareness, that information security is everyone’s responsibility, (iii) to protect the confidentiality, integrity and availability of information for us and our customers, and (iv) to provide a safe production environment that ensures the sustainable operation of our business. The major information security and cybersecurity objectives are antivirus, anti-intrusion and anti-leakage, pursued by building multiple internal controls such as firewalls, intrusion detection and antivirus systems to strengthen our defense against external attacks and to protect internal confidential information. For our written information security and cybersecurity policy, please refer to our website:
http://www.umc.com/en/Html/information_security_risk_management
The EISC is responsible for implementing our information security management plan, establishing and maintaining the information security management system, and coordinating the formulation of, and compliance with, related policies. The EISC’s management objectives include assessing, identifying and managing material risks from cybersecurity threats, and being informed about and monitoring the prevention, detection, mitigation and remediation of cybersecurity incidents through the multi-layer information security protection mechanism we have built. The Information Security Technology task members of the EISC have relevant expertise in information security, including network management, system management, database management, application development and information security protection.
The Vice President of the Digital Function organization serves as Chief Information Security Officer (CISO) of the EISC and is responsible for establishing and maintaining the information security and cybersecurity strategy and the processes that protect our information assets. The EISC holds semiannual meetings to review information security risks and the measures and strategies we have adopted, ensuring the adequacy, suitability and effectiveness of our information security management system. The EISC reports to the board of directors annually on the effectiveness of the information security strategy. Our independent director Jyuo-Min Shyu, who has relevant experience in information security, oversees and regularly reviews our information security and cybersecurity strategy.
Cybersecurity Risk Management Processes Integrated [Flag] true
Cybersecurity Risk Management Processes Integrated [Text Block]
The assessment, identification and management of material risks from cybersecurity threats are integrated into the Company’s overall risk management processes. The Enterprise Information Security Committee (EISC) is responsible for assessing the risk level of information security and cybersecurity, taking appropriate actions and regularly reviewing the effectiveness of those actions. Cybersecurity risks and related matters are reported to the Enterprise Risk Management Committee, which manages and oversees overall enterprise risk, regularly reviews the likelihood of each risk occurring and how its severity may change over time, and understands and assesses the effectiveness of risk management programs and the related control operations.
Cybersecurity Risk Management Third Party Engaged [Flag] true
Cybersecurity Risk Third Party Oversight and Identification Processes [Flag] true
Cybersecurity Risk Materially Affected or Reasonably Likely to Materially Affect Registrant [Flag] true
Cybersecurity Risk Materially Affected or Reasonably Likely to Materially Affect Registrant [Text Block]
Cybersecurity threats expose the Company not only to data leakage and ransom demands but also to interruption of our production systems, which could cause serious operating losses or damage the Company’s reputation. In response to previous cybersecurity incidents and potential cyber-attacks, we have enhanced our cybersecurity protection mechanisms, for example by upgrading our antivirus software with behavior-based detection capability and by implementing strict controls on information devices entering and leaving our facilities, to minimize potential impact. We have also carried information security insurance since 2019 as one measure to mitigate information security risks, and we have joined the SEMICON TAIWAN cybersecurity committee as part of our responsibility as a local enterprise.
Cybersecurity Risk Board Committee or Subcommittee Responsible for Oversight [Text Block] The Enterprise Information Security Committee (EISC) is responsible for assessing the risk level of information security and cybersecurity, taking appropriate actions and regularly reviewing the effectiveness of those actions. Cybersecurity risks and related matters are reported to the Enterprise Risk Management Committee, which manages and oversees overall enterprise risk, regularly reviews the likelihood of each risk occurring and how its severity may change over time, and understands and assesses the effectiveness of risk management programs and the related control operations.
Cybersecurity Risk Process for Informing Board Committee or Subcommittee Responsible for Oversight [Text Block] Our independent director Jyuo-Min Shyu, who has relevant experience in information security, oversees and regularly reviews our information security and cybersecurity strategy.
Cybersecurity Risk Role of Management [Text Block]
The EISC is responsible for implementing our information security management plan, establishing and maintaining the information security management system, and coordinating the formulation of, and compliance with, related policies. The EISC’s management objectives include assessing, identifying and managing material risks from cybersecurity threats, and being informed about and monitoring the prevention, detection, mitigation and remediation of cybersecurity incidents through the multi-layer information security protection mechanism we have built. The Information Security Technology task members of the EISC have relevant expertise in information security, including network management, system management, database management, application development and information security protection.
The Vice President of the Digital Function organization serves as Chief Information Security Officer (CISO) of the EISC and is responsible for establishing and maintaining the information security and cybersecurity strategy and the processes that protect our information assets. The EISC holds semiannual meetings to review information security risks and the measures and strategies we have adopted, ensuring the adequacy, suitability and effectiveness of our information security management system. The EISC reports to the board of directors annually on the effectiveness of the information security strategy. Our independent director Jyuo-Min Shyu, who has relevant experience in information security, oversees and regularly reviews our information security and cybersecurity strategy.
Cybersecurity Risk Management Positions or Committees Responsible [Flag] true
Cybersecurity Risk Management Positions or Committees Responsible [Text Block]
The Vice President of the Digital Function organization serves as Chief Information Security Officer (CISO) of the EISC and is responsible for establishing and maintaining the information security and cybersecurity strategy and the processes that protect our information assets.
Cybersecurity Risk Management Expertise of Management Responsible [Text Block] The Information Security Technology task members of the EISC have relevant expertise in information security, including network management, system management, database management, application development and information security protection.
Cybersecurity Risk Process for Informing Management or Committees Responsible [Text Block] The EISC reports to the board of directors annually on the effectiveness of the information security strategy.
Cybersecurity Risk Management Positions or Committees Responsible Report to Board [Flag] true