Asr1803Sc Firmware
CVE-2024-32633
MEDIUM
Severity by source
AV:P/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:L
Primary rating from Vendor (68630edc-a58c-4cbd-9b01-0e130455c8ae) · only source for this CVE.
CVSS VectorVendor: 68630edc-a58c-4cbd-9b01-0e130455c8ae
CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:L
Lifecycle Timeline
1DescriptionCVE.org
An unsigned value can never be negative, so eMMC full disk test will always evaluate the same way.
AnalysisAI
An unsigned value can never be negative, so eMMC full disk test will always evaluate the same way. Rated medium severity (CVSS 4.0), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
Technical ContextAI
This vulnerability is classified under CWE-570. An unsigned value can never be negative, so eMMC full disk test will always evaluate the same way. Affected products include: Asrmicro Asr1803Sc Firmware, Asrmicro Asr1607 Firmware, Asrmicro Asr3603 Firmware, Asrmicro Asr3602 Firmware, Asrmicro Asr3605 Firmware.
RemediationAI
No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.
More in Asr1803Sc Firmware
View allOut-of-Bounds read in ciCCIOTOPT in ASR180X will cause incorrect computations. Rated high severity (CVSS 8.0), this vuln
A value in ATCMD will be misinterpreted by printf, causing incorrect output and possibly out-of-bounds memory access. Ra
In huge memory get unmapped area check, code can never be reached because of a logical contradiction. Rated medium sever
In OffloadAMRWriter, a scalar field is not initialized so will contain an arbitrary value left over from earlier computa
Same technique Information Disclosure
View allShare
External POC / Exploit Code
Leaving vuln.today