CVE-2025-49480: CWE-125 Out-of-bounds Read in ASR Falcon_Linux, Kestrel, Lapwing_Linux

Severity: High
Tags: Vulnerability, CVE-2025-49480, cve, cve-2025-49480, cwe-125
Published: Tue Jul 01 2025 (07/01/2025, 11:13:19 UTC)
Source: CVE Database V5
Vendor/Project: ASR
Product: Falcon_Linux, Kestrel, Lapwing_Linux

Description

Out-of-bounds access in ASR180x, ASR190x in lte-telephony. This vulnerability is associated with program files apps/lzma/src/LzmaEnc.c. This issue affects Falcon_Linux, Kestrel, Lapwing_Linux: before v1536.

AI-Powered Analysis

Last updated: 07/01/2025, 11:39:31 UTC

Technical Analysis

CVE-2025-49480 is a high-severity vulnerability classified as CWE-125, an out-of-bounds read, affecting ASR's Falcon_Linux, Kestrel, and Lapwing_Linux products, specifically versions prior to v1536. The flaw resides in the LTE telephony component of ASR180x and ASR190x devices, within the LZMA compression implementation (apps/lzma/src/LzmaEnc.c). An out-of-bounds read occurs when the software reads memory outside the intended buffer bounds, potentially leading to information disclosure, data corruption, or triggering undefined behavior that could be leveraged for further exploitation. The CVSS 3.1 base score of 7.4 indicates high severity, with a network attack vector (AV:N), low attack complexity (AC:L), low privileges required (PR:L), no user interaction (UI:N), and a changed scope (S:C). The confidentiality, integrity, and availability impacts are each rated low, but combined with the scope change the overall effect is significant. No known exploits are currently reported in the wild, and no patches are linked yet, indicating a need for vigilance and proactive mitigation. The vulnerability affects critical telephony infrastructure components embedded in ASR's Linux-based products, which are likely used in telecommunications environments for LTE services.

Potential Impact

For European organizations, especially telecom operators and infrastructure providers relying on ASR's Falcon_Linux, Kestrel, and Lapwing_Linux platforms, this vulnerability poses a significant risk. Exploitation could allow attackers to remotely read out-of-bounds memory, potentially leaking sensitive information such as cryptographic keys, configuration data, or user information. Given the scope change, the vulnerability could be leveraged to affect other components or escalate privileges, impacting the integrity and availability of LTE telephony services. Disruption or compromise of LTE infrastructure can degrade network reliability, affect end-user connectivity, and cause regulatory and reputational damage. Critical national infrastructure and emergency communication systems that depend on these platforms are particularly at risk. The lack of known exploits currently provides a window for mitigation before active attacks emerge.

Mitigation Recommendations

European organizations should immediately identify deployments of ASR Falcon_Linux, Kestrel, and Lapwing_Linux products, focusing on versions prior to v1536. Until official patches are released, network-level mitigations such as strict access controls, segmentation of LTE telephony management interfaces, and monitoring for anomalous traffic patterns targeting the LZMA compression routines should be implemented. Employ intrusion detection/prevention systems (IDS/IPS) with updated signatures to detect potential exploitation attempts. Limit privileged access to affected systems and enforce multi-factor authentication to reduce the risk posed by the low privilege requirement. Coordinate with ASR for timely patch deployment once available and conduct thorough testing before production rollout. Additionally, perform memory integrity checks and audit logs for signs of exploitation attempts. Engage with telecom security communities to share intelligence and best practices for protecting LTE infrastructure.

Technical Details

Data Version: 5.1
Assigner Short Name: ASR
Date Reserved: 2025-06-05T08:13:26.653Z
CVSS Version: 3.1
State: PUBLISHED

Threat ID: 6863c56a6f40f0eb728f0619

Added to database: 7/1/2025, 11:24:26 AM

Last enriched: 7/1/2025, 11:39:31 AM

Last updated: 7/11/2025, 12:28:04 AM
