Improper Resource Shutdown in ASR180x and ASR190x Router Modules by ASR Micro
CVE-2025-49481

5.4MEDIUM

Key Information:

Vendor: Asr
Status: Falcon Linux、kestrel、lapwing Linux
Vendor: CVE Published:; 1 July 2025

What is CVE-2025-49481?

An improper resource shutdown or release vulnerability exists in ASR180x and ASR190x router modules, impacting systems running Falcon_Linux, Kestrel, and Lapwing_Linux versions prior to v1536. This flaw can lead to resource leak exposure, potentially allowing unauthorized access to critical system resources and jeopardizing overall system security.

Affected Version(s)

Falcon_Linux、Kestrel、Lapwing_Linux Linux 0

References

https://www.asrmicro.com/en/goods/psirt?cid=40

CVSS V3.1

Score:

5.4

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

None

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jul 1, 2025
Vulnerability Reserved
Jun 5, 2025

Asr

What is CVE-2025-49481?

Affected Version(s)

References

CVSS V3.1

Timeline