MidnightBSD

Advisories for asrmicro

CVE-2023-49699

Memory Corruption in IMS while calling VoLTE Streamingmedia Interface

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.8 HIGH CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 1.8 5.9
68630edc-a58c-4cbd-9b01-0e130455c8ae 6.7 MEDIUM CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:L 1.4 4.7

Products Affected

Vendor Product Version
asrmicro asr1806_firmware *
asrmicro asr1803_firmware *
CVE-2023-49700

Security best practices violations, a string operation in Streamingmedia will write past the end of fixed-size destination buffer if the source buffer is too large.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N 3.9 3.6
68630edc-a58c-4cbd-9b01-0e130455c8ae 6.7 MEDIUM CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:L 1.4 4.7

Products Affected

Vendor Product Version
asrmicro asr1806_firmware cp01.057.063
asrmicro asr1803_firmware cp01.057.063
CVE-2023-49701

Memory Corruption in SIM management while USIMPhase2init

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9
68630edc-a58c-4cbd-9b01-0e130455c8ae 7.2 HIGH CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:C/C:L/I:H/A:H 0.7 6.0

Products Affected

Vendor Product Version
asrmicro asr1806_firmware cp01.057.063
asrmicro asr1803_firmware cp01.057.063
CVE-2024-32625

In OffloadAMRWriter, a scalar field is not initialized so will contain an arbitrary value left over from earlier computations

CVSS 3.x

Source Score Severity Vector Exploitability Impact
68630edc-a58c-4cbd-9b01-0e130455c8ae 5.8 MEDIUM CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:N/I:N/A:H 1.3 4.0

Products Affected

Vendor Product Version
asrmicro asr3602_firmware *
asrmicro asr1806_firmware *
asrmicro asr1803_firmware *
asrmicro asr1603_firmware *
asrmicro asr3603_firmware *
asrmicro asr1803sc_firmware *
asrmicro asr1602_firmware *
asrmicro asr3605_firmware *
asrmicro asr1606_firmware *
asrmicro asr1605_firmware *
asrmicro asr1609_firmware *
asrmicro asr3607_firmware *
asrmicro asr1607_firmware *
CVE-2024-32631

Out-of-Bounds read in ciCCIOTOPT in ASR180X will cause incorrect computations.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
68630edc-a58c-4cbd-9b01-0e130455c8ae 7.2 HIGH CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:H 1.3 5.3

Products Affected

Vendor Product Version
asrmicro asr3602_firmware *
asrmicro asr1806_firmware *
asrmicro asr1803_firmware *
asrmicro asr1603_firmware *
asrmicro asr3603_firmware *
asrmicro asr1803sc_firmware *
asrmicro asr1602_firmware *
asrmicro asr3605_firmware *
asrmicro asr1606_firmware *
asrmicro asr1605_firmware *
asrmicro asr1609_firmware *
asrmicro asr3607_firmware *
asrmicro asr1607_firmware *
CVE-2024-32632

A value in ATCMD will be misinterpreted by printf, causing incorrect output and possibly out-of-bounds memory access

CVSS 3.x

Source Score Severity Vector Exploitability Impact
68630edc-a58c-4cbd-9b01-0e130455c8ae 6.6 MEDIUM CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:C/C:N/I:N/A:H 2.1 4.0

Products Affected

Vendor Product Version
asrmicro asr3602_firmware *
asrmicro asr1806_firmware *
asrmicro asr1803_firmware *
asrmicro asr1603_firmware *
asrmicro asr3603_firmware *
asrmicro asr1803sc_firmware *
asrmicro asr1602_firmware *
asrmicro asr3605_firmware *
asrmicro asr1606_firmware *
asrmicro asr1605_firmware *
asrmicro asr1609_firmware *
asrmicro asr3607_firmware *
asrmicro asr1607_firmware *
CVE-2024-32633

An unsigned value can never be negative, so eMMC full disk test will always evaluate the same way.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
68630edc-a58c-4cbd-9b01-0e130455c8ae 4.0 MEDIUM CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:L 0.9 2.7

Products Affected

Vendor Product Version
asrmicro asr3602_firmware *
asrmicro asr1806_firmware *
asrmicro asr1803_firmware *
asrmicro asr1603_firmware *
asrmicro asr3603_firmware *
asrmicro asr1803sc_firmware *
asrmicro asr1602_firmware *
asrmicro asr3605_firmware *
asrmicro asr1606_firmware *
asrmicro asr1605_firmware *
asrmicro asr1609_firmware *
asrmicro asr3607_firmware *
asrmicro asr1607_firmware *
CVE-2024-32634

In huge memory get unmapped area check, code can never be reached because of a logical contradiction.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
68630edc-a58c-4cbd-9b01-0e130455c8ae 6.1 MEDIUM CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:H 0.9 4.7

Products Affected

Vendor Product Version
asrmicro asr3602_firmware *
asrmicro asr1806_firmware *
asrmicro asr1803_firmware *
asrmicro asr1603_firmware *
asrmicro asr3603_firmware *
asrmicro asr1803sc_firmware *
asrmicro asr1602_firmware *
asrmicro asr3605_firmware *
asrmicro asr1606_firmware *
asrmicro asr1605_firmware *
asrmicro asr1609_firmware *
asrmicro asr3607_firmware *
asrmicro asr1607_firmware *
CVE-2025-49480

Out-of-bounds access in ASR180x 、ASR190x in lte-telephony, This vulnerability is associated with program files apps/lzma/src/LzmaEnc.c. This issue affects Falcon_Linux、Kestrel、Lapwing_Linux: before v1536.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
68630edc-a58c-4cbd-9b01-0e130455c8ae 7.4 HIGH CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:L 3.1 3.7

Products Affected

Vendor Product Version
asrmicro kestrel *
asrmicro lapwing_linux *
asrmicro falcon_linux *
CVE-2025-49481

Improper Resource Shutdown or Release vulnerability in ASR180x 、ASR190x in router modules allows Resource Leak Exposure. This vulnerability is associated with program files router/phonebook/pbwork-queue.C. This issue affects Falcon_Linux、Kestrel、Lapwing_Linux: before v1536.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
68630edc-a58c-4cbd-9b01-0e130455c8ae 5.4 MEDIUM CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L 2.8 2.5

Products Affected

Vendor Product Version
asrmicro kestrel *
asrmicro lapwing_linux *
asrmicro falcon_linux *
CVE-2025-49482

Improper Resource Shutdown or Release vulnerability in ASR180x 、ASR190x in tr069 modules allows Resource Leak Exposure. This vulnerability is associated with program files tr069/tr098.c. This issue affects Falcon_Linux、Kestrel、Lapwing_Linux: before v1536.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
68630edc-a58c-4cbd-9b01-0e130455c8ae 5.4 MEDIUM CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L 2.8 2.5

Products Affected

Vendor Product Version
asrmicro kestrel *
asrmicro lapwing_linux *
asrmicro falcon_linux *
CVE-2025-49483

Improper Resource Shutdown or Release vulnerability in ASR180x 、ASR190x in tr069 modules allows Resource Leak Exposure. This vulnerability is associated with program files tr069/tr069_uci.c. This issue affects Falcon_Linux、Kestrel、Lapwing_Linux: before v1536.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
68630edc-a58c-4cbd-9b01-0e130455c8ae 5.4 MEDIUM CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L 2.8 2.5

Products Affected

Vendor Product Version
asrmicro kestrel *
asrmicro lapwing_linux *
asrmicro falcon_linux *
CVE-2025-49488

Improper Resource Shutdown or Release vulnerability in ASR180x 、ASR190x in router components allows Resource Leak Exposure. This vulnerability is associated with program files router/phonebook/pb.c. This issue affects Falcon_Linux、Kestrel、Lapwing_Linux: before v1536.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
68630edc-a58c-4cbd-9b01-0e130455c8ae 5.4 MEDIUM CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L 2.8 2.5

Products Affected

Vendor Product Version
asrmicro kestrel *
asrmicro lapwing_linux *
asrmicro falcon_linux *
CVE-2025-49489

Improper Resource Shutdown or Release vulnerability in ASR Falcon_Linux、Kestrel、Lapwing_Linux on Linux (con_mgr components) allows Resource Leak Exposure. This vulnerability is associated with program files con_mgr/dialer_task.C. This issue affects Falcon_Linux、Kestrel、Lapwing_Linux: before v1536.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
68630edc-a58c-4cbd-9b01-0e130455c8ae 5.4 MEDIUM CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L 2.8 2.5

Products Affected

Vendor Product Version
asrmicro kestrel *
asrmicro lapwing_linux *
asrmicro falcon_linux *
CVE-2025-49490

Resource leak vulnerability in ASR180x in router allows Resource Leak Exposure. This vulnerability is associated with program files router/sms/sms.c. This issue affects Falcon_Linux、Kestrel、Lapwing_Linux: before v1536.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
68630edc-a58c-4cbd-9b01-0e130455c8ae 5.4 MEDIUM CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L 2.8 2.5

Products Affected

Vendor Product Version
asrmicro kestrel *
asrmicro lapwing_linux *
asrmicro falcon_linux *
CVE-2025-49491

Improper Resource Shutdown or Release vulnerability in ASR Falcon_Linux、Kestrel、Lapwing_Linux on Linux (traffic_stat modules) allows Resource Leak Exposure. This vulnerability is associated with program files traffic_stat/traffic_service/traffic_service.C. This issue affects Falcon_Linux、Kestrel、Lapwing_Linux: before v1536.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
68630edc-a58c-4cbd-9b01-0e130455c8ae 5.4 MEDIUM CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L 2.8 2.5

Products Affected

Vendor Product Version
asrmicro kestrel *
asrmicro lapwing_linux *
asrmicro falcon_linux *
CVE-2025-49492

Out-of-bounds write in ASR180x in lte-telephony, May cause a buffer underrun.  This vulnerability is associated with program files apps/atcmd_server/src/dev_api.C. This issue affects Falcon_Linux、Kestrel、Lapwing_Linux: before v1536.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
68630edc-a58c-4cbd-9b01-0e130455c8ae 7.4 HIGH CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:L 3.1 3.7

Products Affected

Vendor Product Version
asrmicro kestrel *
asrmicro lapwing_linux *
asrmicro falcon_linux *
CVE-2025-5072

Resource leak vulnerability in ASR180x、ASR190x in con_mgr allows Resource Leak Exposure.This issue affects Falcon_Linux、Kestrel、Lapwing_Linux: before v1536.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
68630edc-a58c-4cbd-9b01-0e130455c8ae 5.4 MEDIUM CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L 2.8 2.5

Products Affected

Vendor Product Version
asrmicro kestrel *
asrmicro lapwing_linux *
asrmicro falcon_linux *