PT-2025-27519 · Asr180X+2 · Asr180X+3
Published
2025-07-01
·
Updated
2025-12-22
·
CVE-2025-49492
CVSS v3.1
9.8
Critical
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions:
ASR180x versions prior to v1536
Falcon Linux versions prior to v1536
Kestrel versions prior to v1536
Lapwing Linux versions prior to v1536
Description:
The issue is an out-of-bounds write in the lte-telephony component of ASR180x, which may cause a buffer underrun. This is associated with program files in apps/atcmd server/src/dev api.C.
Recommendations:
For ASR180x versions prior to v1536, update to version v1536 or later.
For Falcon Linux versions prior to v1536, update to version v1536 or later.
For Kestrel versions prior to v1536, update to version v1536 or later.
For Lapwing Linux versions prior to v1536, update to version v1536 or later.
Fix
Memory Corruption
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Asr180X
Falcon Linux
Kestrel
Lapwing Linux