Asr1806 Firmware
CVE-2024-32625
MEDIUM
Severity by source
AV:N/AC:H/PR:H/UI:N/S:C/C:N/I:N/A:H
Primary rating from Vendor (68630edc-a58c-4cbd-9b01-0e130455c8ae) · only source for this CVE.
CVSS VectorVendor: 68630edc-a58c-4cbd-9b01-0e130455c8ae
CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:N/I:N/A:H
Lifecycle Timeline
1DescriptionCVE.org
In OffloadAMRWriter, a scalar field is not initialized so will contain an arbitrary value left over from earlier computations
AnalysisAI
In OffloadAMRWriter, a scalar field is not initialized so will contain an arbitrary value left over from earlier computations. Rated medium severity (CVSS 5.8), this vulnerability is remotely exploitable. No vendor patch available.
Technical ContextAI
This vulnerability is classified under CWE-457. In OffloadAMRWriter, a scalar field is not initialized so will contain an arbitrary value left over from earlier computations Affected products include: Asrmicro Asr1806 Firmware, Asrmicro Asr1803 Firmware, Asrmicro Asr1606 Firmware, Asrmicro Asr1603 Firmware, Asrmicro Asr1602 Firmware.
RemediationAI
No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.
More in Asr1806 Firmware
View allMemory Corruption in SIM management while USIMPhase2init. Rated critical severity (CVSS 9.8), this vulnerability is remo
Out-of-Bounds read in ciCCIOTOPT in ASR180X will cause incorrect computations. Rated high severity (CVSS 8.0), this vuln
Memory Corruption in IMS while calling VoLTE Streamingmedia Interface. Rated high severity (CVSS 7.8), this vulnerabilit
Security best practices violations, a string operation in Streamingmedia will write past the end of fixed-size destinati
A value in ATCMD will be misinterpreted by printf, causing incorrect output and possibly out-of-bounds memory access. Ra
In huge memory get unmapped area check, code can never be reached because of a logical contradiction. Rated medium sever
An unsigned value can never be negative, so eMMC full disk test will always evaluate the same way. Rated medium severity
Same weakness CWE-457 – Use of Uninitialized Variable
View allSame technique Information Disclosure
View allShare
External POC / Exploit Code
Leaving vuln.today