Skip to main content

ASR Lapwing Linux CVE-2026-42800

| EUVDEUVD-2026-26360 HIGH
NULL Pointer Dereference (CWE-476)
2026-04-30 ASR
7.4
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
7.4 HIGH
AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:L

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:L
Attack Vector
Network
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Changed
Confidentiality
Low
Integrity
Low
Availability
Low

Lifecycle Timeline

4
Analysis Generated
Apr 30, 2026 - 10:15 vuln.today
EUVD ID Assigned
Apr 30, 2026 - 10:00 euvd
EUVD-2026-26360
Analysis Generated
Apr 30, 2026 - 10:00 vuln.today
CVE Published
Apr 30, 2026 - 08:52 nvd
HIGH 7.4

DescriptionCVE.org

NULL pointer dereference vulnerability in ASR1903 in ASR Lapwing_Linux on Linux (ims_client modules) allows Pointer Manipulation.

This vulnerability is associated with program files sip/utils/src/sipuri.c.

AnalysisAI

NULL pointer dereference in ASR Lapwing Linux's IMS client (sipuri.c) allows authenticated remote attackers to trigger service crashes and potentially execute code with changed scope. The vulnerability exists in the SIP URI parsing logic of the ASR1903 hardware platform's ims_client module. With CVSS 7.4 and scope change to Container, successful exploitation enables lateral impact beyond the vulnerable component. No CISA KEV listing or public exploit code identified at time of analysis, though EPSS data unavailable.

Technical ContextAI

This vulnerability affects the IMS (IP Multimedia Subsystem) client implementation in ASR Lapwing Linux, specifically within the SIP (Session Initiation Protocol) URI parsing routine in sip/utils/src/sipuri.c. CWE-476 (NULL Pointer Dereference) indicates the code fails to validate pointer values before dereferencing, causing the application to access memory at the null address when processing malformed SIP URIs. The ASR1903 appears to be a network routing/switching platform running a custom Linux distribution (Lapwing Linux) with telephony/VoIP capabilities. The CPE string indicates this is vendor-specific software from ASR Micro rather than a widely-used open-source SIP stack, limiting the scope to ASR hardware deployments. The scope change metric (S:C) in CVSS suggests the vulnerability crosses trust boundaries, potentially from IMS client context into system or kernel space.

RemediationAI

Consult the ASR Product Security Incident Response Team (PSIRT) advisory at https://www.asrmicro.com/en/goods/psirt?cid=44 for vendor-released patches or firmware updates for ASR1903 devices running Lapwing Linux. Exact fixed version not confirmed from available data-verify current patch status directly with ASR support. If patches are unavailable or cannot be immediately applied, implement these compensating controls: restrict network access to IMS client interfaces using firewall rules to trusted SIP trunks and authenticated peers only, reducing exposure to low-trust networks; disable IMS/VoIP functionality entirely on ASR1903 devices if not operationally required, eliminating the attack surface; implement strict authentication controls and monitor for suspicious SIP INVITE/REGISTER traffic patterns targeting the ims_client service; deploy network-based SIP application layer gateways to validate and sanitize SIP URIs before they reach vulnerable ASR devices, though this adds latency and complexity to VoIP call flows. Trade-offs: Disabling IMS breaks telephony features. Network filtering may block legitimate but non-standard SIP URI formats. Application gateways introduce single points of failure.

CVE-2025-49480 HIGH
7.4 Jul 01

Out-of-bounds access in ASR180x 、ASR190x in lte-telephony, This vulnerability is associated with program files apps/lz

CVE-2025-49492 HIGH
7.4 Jul 01

Out-of-bounds write in ASR180x in lte-telephony, May cause a buffer underrun.  This vulnerability is associated with pr

CVE-2025-49483 MEDIUM
5.4 Jul 01

Improper Resource Shutdown or Release vulnerability in ASR180x 、ASR190x in tr069 modules allows Resource Leak Exposure.

CVE-2025-49482 MEDIUM
5.4 Jul 01

Improper Resource Shutdown or Release vulnerability in ASR180x 、ASR190x in tr069 modules allows Resource Leak Exposure.

CVE-2025-49481 MEDIUM
5.4 Jul 01

Improper Resource Shutdown or Release vulnerability in ASR180x 、ASR190x in router modules allows Resource Leak Exposure.

CVE-2025-49491 MEDIUM
5.4 Jul 01

Improper Resource Shutdown or Release vulnerability in ASR Falcon_Linux、Kestrel、Lapwing_Linux on Linux (traffic_stat mod

CVE-2025-49488 MEDIUM
5.4 Jul 01

Improper Resource Shutdown or Release vulnerability in ASR180x 、ASR190x in router components allows Resource Leak Ex

CVE-2025-49490 MEDIUM
5.4 Jul 01

Resource leak vulnerability in ASR180x in router allows Resource Leak Exposure. This vulnerability is associated with p

CVE-2025-49489 MEDIUM
5.4 Jul 01

Improper Resource Shutdown or Release vulnerability in ASR Falcon_Linux、Kestrel、Lapwing_Linux on Linux (con_mgr compon

CVE-2025-5072 MEDIUM
5.4 Jul 01

Resource leak vulnerability in ASR180x、ASR190x in con_mgr allows Resource Leak Exposure.This issue affects Falcon_Linux、

Share

CVE-2026-42800 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy