CVE-2022-40875 is a high-severity heap overflow vulnerability identified in the Tenda AX1803 router firmware version 1.0.0.1. The vulnerability exists in the function GetParentControlInfo, which is likely involved in managing parental control features or related device control mechanisms. A heap overflow occurs when more data is written to a heap-allocated buffer than it can hold, potentially leading to memory corruption. This can cause application crashes or enable an attacker to execute arbitrary code remotely. The CVSS v3.1 score of 7.5 reflects a network attack vector (AV:N), low attack complexity (AC:L), no privileges required (PR:N), no user interaction (UI:N), unchanged scope (S:U), no confidentiality or integrity impact (C:N, I:N), but a high impact on availability (A:H). This means an attacker can remotely trigger the vulnerability without authentication or user interaction, causing denial of service by crashing or destabilizing the device. No patches or exploit code are currently publicly available, and no known exploits in the wild have been reported. The vulnerability is categorized under CWE-787 (Out-of-bounds Write), a common and critical class of memory corruption bugs. Given the nature of consumer routers, exploitation could disrupt home or small office network availability, potentially affecting connected devices and services relying on the router for internet access or internal networking.

For European organizations, especially small and medium enterprises (SMEs) and home offices that use Tenda AX1803 routers, this vulnerability poses a significant risk to network availability. A successful attack could result in denial of service, interrupting business operations, remote work, and communications. Although the vulnerability does not directly compromise confidentiality or integrity, loss of availability can have cascading effects, such as inability to access cloud services, VPNs, or critical internal resources. In sectors with high reliance on continuous connectivity—such as finance, healthcare, and critical infrastructure—this could lead to operational disruptions and potential regulatory compliance issues. Additionally, if attackers leverage this vulnerability as part of a larger attack chain, it could serve as a foothold for further network exploitation. The lack of required authentication and user interaction increases the risk of automated or widespread scanning and exploitation attempts, particularly in environments where these routers are exposed to the internet or poorly segmented networks.

Since no official patches are currently available, European organizations should implement immediate compensating controls. These include isolating Tenda AX1803 routers from direct internet exposure by placing them behind firewalls or NAT devices that restrict inbound traffic to trusted sources only. Network segmentation should be enforced to limit the impact of a compromised router on critical systems. Monitoring network traffic for unusual patterns or repeated crashes of the router can help detect exploitation attempts early. Organizations should consider replacing vulnerable devices with models from vendors that provide timely security updates and have a strong security track record. Additionally, disabling parental control features or other non-essential services related to the vulnerable function may reduce the attack surface. Regularly checking for firmware updates from Tenda and applying them promptly once available is essential. Finally, educating users and administrators about the risks of using outdated or unsupported network equipment can improve overall security posture.