Out-of-bounds Access Vulnerability in ASR180x and ASR190x by the Vendor ASR Micro
CVE-2025-49480

7.4HIGH

Key Information:

Vendor

Asr

Status
Falcon Linux、kestrel、lapwing Linux
Vendor
CVE Published:
1 July 2025

What is CVE-2025-49480?

An out-of-bounds access vulnerability exists in ASR180x and ASR190x affecting the lte-telephony components, specifically within the program files of apps/lzma/src/LzmaEnc.c. This flaw can potentially allow unauthorized access to memory regions, posing a risk of data leakage and stability issues. The affected systems include Falcon_Linux, Kestrel, and Lapwing_Linux versions earlier than v1536.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Falcon_Linux、Kestrel、Lapwing_Linux Linux 0

References

https://www.asrmicro.com/en/goods/psirt?cid=40

CVSS V3.1

Score:
7.4
Severity:
HIGH
Confidentiality:
Low
Integrity:
Low
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Changed

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.