Arbitrary Value Left Over from Earlier Computations Affects Scalar Field
CVE-2024-32625

5.8MEDIUM

Key Information:

Vendor: Asr
Status: Falcon/crane
Vendor: CVE Published:; 16 April 2024

What is CVE-2024-32625?

A vulnerability exists in OffloadAMRWriter where a scalar field fails to initialize, potentially leading it to retain arbitrary values from previous computations. This flaw can pose significant security risks as it might allow unauthorized access to sensitive data or facilitate the exploitation of further vulnerabilities within affected ASR Micro products.

Affected Version(s)

Falcon/Crane Linux 0

References

https://www.asrmicro.com/en/goods/psirt?cid=38

CVSS V3.1

Score:

5.8

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

High

User Interaction:

None

Scope:

Changed

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Apr 16, 2024
Vulnerability Reserved
Apr 16, 2024

Asr

What is CVE-2024-32625?

Affected Version(s)

References

CVSS V3.1

Timeline