Cisco ASR180X Vulnerable to Out-of-Bounds Read Attack
CVE-2024-32631

7.2HIGH

Key Information:

Vendor: Asr
Status: Falcon/crane
Vendor: CVE Published:; 16 April 2024

What is CVE-2024-32631?

The out-of-bounds read vulnerability in the ciCCIOTOPT component of ASR180X poses significant risks to system integrity by allowing incorrect computations. This flaw can lead to unexpected behaviors in the application, which may potentially be exploited by attackers to gain unauthorized access or manipulate critical data. Users of ASR180X are urged to review their systems and apply available patches to mitigate the risks associated with this vulnerability.

Affected Version(s)

Falcon/Crane Linux 0

References

https://www.asrmicro.com/en/goods/psirt?cid=38

CVSS V3.1

Score:

7.2

Severity:

HIGH

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

High

User Interaction:

None

Scope:

Changed

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Apr 16, 2024
Vulnerability Reserved
Apr 16, 2024

Asr

What is CVE-2024-32631?

Affected Version(s)

References

CVSS V3.1

Timeline