
CVE-2025-49481: CWE-404 Improper Resource Shutdown or Release in ASR Falcon_Linux、Kestrel、Lapwing_Linux

Severity: Medium
Tags: vulnerability, cve-2025-49481, cwe-404
Published: Tue Jul 01 2025 (07/01/2025, 11:20:24 UTC)
Source: CVE Database V5
Vendor/Project: ASR
Product: Falcon_Linux、Kestrel、Lapwing_Linux

Description

Improper Resource Shutdown or Release vulnerability in ASR180x、ASR190x in router modules allows Resource Leak Exposure. This vulnerability is associated with program files router/phonebook/pbwork-queue.C. This issue affects Falcon_Linux、Kestrel、Lapwing_Linux: before v1536.

AI-Powered Analysis

Last updated: 07/01/2025, 11:39:45 UTC

Technical Analysis

CVE-2025-49481 is a medium-severity vulnerability classified under CWE-404 (Improper Resource Shutdown or Release). It affects ASR's router products running the Falcon_Linux, Kestrel, and Lapwing_Linux operating systems in versions prior to v1536. According to the CVE description, the defect is improper handling of resources in the program file router/phonebook/pbwork-queue.C on the ASR180x and ASR190x router modules, resulting in a resource leak. A resource leak occurs when system resources such as memory, file handles, or network sockets are not released after use; over time the accumulated leak can degrade system performance or cause a denial of service. The vulnerability has a CVSS 3.1 base score of 5.4 (medium). The vector (AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L) indicates that it is reachable over the network with low attack complexity, requires low privileges, and needs no user interaction; the impact is low on confidentiality and availability, with no impact on integrity. No exploits in the wild have been reported, and no patch has been linked at the time of writing. Because the affected ASR router modules are deployed in network infrastructure, exploitation could lead to resource exhaustion and service degradation on the affected devices.

Potential Impact

For European organizations, especially those relying on ASR routers running Falcon_Linux, Kestrel, or Lapwing_Linux, this vulnerability poses a risk of resource exhaustion that could degrade network performance or cause partial denial of service. While the confidentiality impact is limited, the availability impact could disrupt critical network services, affecting business operations, especially in sectors dependent on continuous network uptime such as finance, telecommunications, and government. The requirement of low privileges for exploitation means that insider threats or attackers who have gained limited access could leverage this vulnerability to impact network stability. Given the central role of routers in enterprise and service provider networks, exploitation could cascade to affect multiple connected systems. However, the absence of known exploits and the medium severity rating suggest that immediate widespread impact is unlikely but should not be ignored.

Mitigation Recommendations

European organizations should prioritize upgrading affected ASR router firmware to version v1536 or later once available to address this vulnerability. In the interim, network administrators should monitor router resource usage closely for signs of resource leaks, such as increasing memory or handle consumption over time. Implementing strict access controls to limit privileged access to router management interfaces can reduce exploitation risk. Network segmentation and traffic filtering can help contain potential exploitation attempts. Additionally, organizations should establish robust logging and alerting mechanisms to detect unusual router behavior indicative of resource exhaustion. Regular vulnerability scanning and penetration testing focused on network infrastructure can help identify exposure. Coordination with ASR support channels for timely patch information and applying vendor-recommended configurations to mitigate resource leaks is also advised.
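As an added illustration of the monitoring advice above (example code written for this page, not code from ASR or from the advisory), the following Python flags a sustained rise in a daemon's open-handle or memory counters across periodic samples, the signature of a leak of the kind CWE-404 describes. The sample data, the counter names, and the thresholds are all assumptions.

```python
from dataclasses import dataclass
from typing import Dict, List, Tuple


@dataclass
class Sample:
    t: float      # seconds since monitoring started
    fds: int      # open file descriptors held by the router daemon
    rss_kb: int   # resident set size in KiB


def growth_stats(values: List[int]) -> Tuple[float, float]:
    """Return (fraction of intervals that are non-decreasing,
    relative growth from the first sample to the last)."""
    steps = list(zip(values, values[1:]))
    non_decreasing = sum(1 for a, b in steps if b >= a) / len(steps)
    rel_growth = (values[-1] - values[0]) / max(values[0], 1)
    return non_decreasing, rel_growth


def leak_suspected(samples: List[Sample], min_samples: int = 6,
                   min_monotonic: float = 0.8,
                   min_growth: float = 0.25) -> Dict[str, Tuple[float, float]]:
    """Flag a counter that rises in at least min_monotonic of the sampling
    intervals AND has grown by min_growth (as a fraction) over the window.
    Normal jitter fails the first test; a one-off spike fails the second.
    Returns {counter: (monotonic_fraction, rel_growth)} for counters that
    trip; an empty dict means nothing looks like a leak."""
    if len(samples) < min_samples:
        return {}  # too little history to judge a trend
    hits: Dict[str, Tuple[float, float]] = {}
    for name in ("fds", "rss_kb"):
        values = [getattr(s, name) for s in samples]
        mono, growth = growth_stats(values)
        if mono >= min_monotonic and growth >= min_growth:
            hits[name] = (round(mono, 2), round(growth, 2))
    return hits


# Constructed samples (not real telemetry), one reading per minute.
# HEALTHY wobbles around a baseline; LEAKING shows handles climbing every
# interval while memory stays flat.
HEALTHY = [Sample(60 * i, fds, rss) for i, (fds, rss) in enumerate(
    [(120, 8200), (124, 8250), (119, 8190), (122, 8230), (118, 8180),
     (121, 8210), (123, 8240), (120, 8200)])]
LEAKING = [Sample(60 * i, fds, rss) for i, (fds, rss) in enumerate(
    [(120, 8200), (131, 8210), (143, 8205), (152, 8215), (166, 8208),
     (175, 8212), (189, 8209), (198, 8214)])]

if __name__ == "__main__":
    print("healthy:", leak_suspected(HEALTHY))   # {}
    print("leaking:", leak_suspected(LEAKING))   # {'fds': (1.0, 0.65)}
```

On a real device the samples would come from the router's own process statistics; the point is the two-part test, which separates a steady climb from ordinary fluctuation.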


Technical Details

Data Version: 5.1
Assigner Short Name: ASR
Date Reserved: 2025-06-05T08:13:26.653Z
CVSS Version: 3.1
State: PUBLISHED

Threat ID: 6863c56a6f40f0eb728f061c

Added to database: 7/1/2025, 11:24:26 AM

Last enriched: 7/1/2025, 11:39:45 AM

Last updated: 7/12/2025, 7:04:03 AM

