
CVE-2025-5072: CWE-404 Improper Resource Shutdown or Release in ASR Falcon_Linux、Kestrel、Lapwing_Linux

Medium
Tags: Vulnerability, CVE-2025-5072, cve, cwe-404
Published: Tue Jul 01 2025 (07/01/2025, 08:55:42 UTC)
Source: CVE Database V5
Vendor/Project: ASR
Product: Falcon_Linux、Kestrel、Lapwing_Linux

Description

Resource leak vulnerability in ASR180x、ASR190x in con_mgr allows Resource Leak Exposure. This issue affects Falcon_Linux、Kestrel、Lapwing_Linux: before v1536.

AI-Powered Analysis

AI analysis last updated: 07/01/2025, 09:24:44 UTC

Technical Analysis

CVE-2025-5072 is a resource leak vulnerability classified under CWE-404 (Improper Resource Shutdown or Release) affecting ASR's networking products running Falcon_Linux, Kestrel, and Lapwing_Linux operating systems, specifically versions prior to v1536. The vulnerability resides in the con_mgr component of ASR180x and ASR190x devices, where resources are not properly released after use, leading to resource leaks. This improper resource management can cause gradual depletion of system resources such as memory or file descriptors, potentially resulting in degraded device performance or denial of service (DoS) conditions over time. The CVSS v3.1 base score is 5.4 (medium severity), with an attack vector of network (AV:N), low attack complexity (AC:L), requiring low privileges (PR:L), no user interaction (UI:N), unchanged scope (S:U), limited confidentiality impact (C:L), no integrity impact (I:N), and low availability impact (A:L). No known exploits are reported in the wild, and no patches are currently linked. The vulnerability does not require user interaction but does require some level of privilege, indicating that an attacker with limited access could exploit this remotely to cause resource exhaustion and potential service disruption on affected ASR devices. These devices are typically used in enterprise and service provider network infrastructure, making the vulnerability relevant for network stability and availability.
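The paragraph above describes the defect class in general terms. The following is an added illustration written for this page (it is not ASR's con_mgr code, and the pool, connection and handler names are hypothetical): a fixed-capacity connection pool where the handler releases its connection only on the success path, beside the corrected form that releases on every path. Running constructed traffic through both shows why CWE-404 turns into an availability problem: once malformed requests have silently consumed every slot, well-formed requests can no longer be served.

```python
"""Added illustration of CWE-404 (Improper Resource Shutdown or Release).

Example code written for this page, not ASR's con_mgr source: ConnectionPool,
Connection ids, the request format and the handler names are hypothetical.
"""
from dataclasses import dataclass, field
from typing import Callable, Dict, List


class PoolExhausted(RuntimeError):
    """Raised when every slot in the pool is held by an unreleased connection."""


@dataclass
class ConnectionPool:
    capacity: int
    live: List[int] = field(default_factory=list)  # ids of connections not yet released
    _next_id: int = 0

    def acquire(self) -> int:
        if len(self.live) >= self.capacity:
            raise PoolExhausted(f"all {self.capacity} connection slots are in use")
        self._next_id += 1
        self.live.append(self._next_id)
        return self._next_id

    def release(self, conn_id: int) -> None:
        self.live.remove(conn_id)


def parse_request(payload: bytes) -> Dict[str, str]:
    """Constructed request format: 'KEY=VALUE' pairs separated by ';'."""
    fields: Dict[str, str] = {}
    for part in payload.split(b";"):
        key, sep, value = part.partition(b"=")
        if not sep or not key:
            raise ValueError(f"malformed field: {part!r}")
        fields[key.decode()] = value.decode()
    return fields


def handle_leaky(pool: ConnectionPool, payload: bytes) -> Dict[str, str]:
    """CWE-404 pattern: the connection is released only on the success path.

    A ValueError from parse_request propagates before release() runs, so each
    malformed request permanently consumes one slot.
    """
    conn = pool.acquire()
    fields = parse_request(payload)
    pool.release(conn)
    return fields


def handle_fixed(pool: ConnectionPool, payload: bytes) -> Dict[str, str]:
    """Corrected form: release() runs on every path, including exceptions."""
    conn = pool.acquire()
    try:
        return parse_request(payload)
    finally:
        pool.release(conn)


Handler = Callable[[ConnectionPool, bytes], Dict[str, str]]


def serve(handler: Handler, payloads: List[bytes], capacity: int = 4) -> Dict[str, int]:
    """Run a sequence of requests through a fresh pool and summarise the outcome."""
    pool = ConnectionPool(capacity)
    counts = {"ok": 0, "rejected": 0, "exhausted": 0}
    for payload in payloads:
        try:
            handler(pool, payload)
            counts["ok"] += 1
        except ValueError:
            counts["rejected"] += 1   # bad input, handled gracefully
        except PoolExhausted:
            counts["exhausted"] += 1  # the DoS symptom: a valid request cannot be served
    counts["leaked"] = len(pool.live)
    return counts


# Constructed traffic: four malformed requests followed by two well-formed ones.
SAMPLE_TRAFFIC = [b"garbage"] * 4 + [b"host=edge1;port=443", b"host=edge2;port=443"]

if __name__ == "__main__":
    print("leaky:", serve(handle_leaky, SAMPLE_TRAFFIC))
    print("fixed:", serve(handle_fixed, SAMPLE_TRAFFIC))
```

With a pool of four slots, the leaky handler ends the run with four leaked connections and both well-formed requests refused, while the fixed handler serves both and leaves nothing behind. In a real daemon the pool would be file descriptors, sockets or heap buffers, which is why the symptom surfaces gradually rather than on the first bad request.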

Potential Impact

For European organizations, especially those relying on ASR180x and ASR190x routers or network devices running Falcon_Linux, Kestrel, or Lapwing_Linux, this vulnerability could lead to network instability or outages due to resource exhaustion. This is particularly critical for ISPs, telecommunications providers, and large enterprises with complex network infrastructures that depend on these devices for routing and connectivity. A successful exploitation could degrade network performance or cause denial of service, impacting business operations, customer connectivity, and potentially critical services. While the confidentiality and integrity impacts are minimal, availability degradation can have significant operational and financial consequences. Given the medium severity and the requirement for some privileges, the threat is moderate but should not be overlooked, especially in environments where attackers might gain limited access through other means. The lack of known exploits suggests limited immediate risk, but the vulnerability could be leveraged in targeted attacks or combined with other exploits to escalate impact.

Mitigation Recommendations

European organizations should inventory the firmware versions running on their ASR180x and ASR190x devices and upgrade to v1536 or later once available to address this vulnerability. In the absence of patches, administrators should implement strict access controls to limit privileged access to the con_mgr component and related management interfaces, reducing the risk of exploitation. Network segmentation and monitoring for unusual resource usage patterns on affected devices (for example, open file descriptor or memory counts that grow steadily without ever dropping back) can help detect early signs of exploitation. Additionally, implementing rate limiting and resource usage quotas where possible can mitigate the impact of resource leaks. Regular audits of device logs and performance metrics should be conducted to identify potential resource exhaustion symptoms. Organizations should also engage with ASR vendor support for updates and advisories, and consider deploying redundancy and failover mechanisms to maintain network availability in case of device degradation.
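The recommendation to monitor for unusual resource usage patterns can be made concrete. The following is an added example written for this page, not an ASR tool or script: it takes periodic samples of a process's open-file-descriptor count, such as a device health poll or telemetry export might provide, and raises an alert only when the count grows monotonically over a sustained window at a rate above a threshold, which separates a leak from normal connection churn. The telemetry below is constructed; the /proc reader is a Linux-only convenience for collecting real samples and is not used by the constructed run.

```python
"""Added example: trend check for resource-leak symptoms on a network device.

Example code written for this page, not an ASR tool. Sample data is constructed.
"""
import os
from typing import Dict, List, Optional, Tuple

Sample = Tuple[int, int]   # (seconds since start, open file descriptors)


def live_fd_count(pid: Optional[int] = None) -> int:
    """Linux only: number of entries in /proc/<pid>/fd (defaults to this process)."""
    return len(os.listdir(f"/proc/{pid if pid is not None else 'self'}/fd"))


def leak_alert(samples: List[Sample], window: int = 6,
               min_growth_per_hour: float = 50.0,
               hard_limit: Optional[int] = None) -> Optional[Dict[str, float]]:
    """Return an alert dict if the last `window` samples show a sustained leak, else None.

    Two signals are combined:
      * monotonic: no sample in the window is lower than its predecessor, which
        rules out normal churn where connections are released again;
      * rate: growth across the window, scaled to per hour, exceeds the threshold.
    An optional hard_limit (for example the process's RLIMIT_NOFILE) adds a
    time-to-exhaustion estimate so the alert can be prioritised.
    """
    if len(samples) < window:
        return None
    recent = samples[-window:]
    values = [v for _, v in recent]
    monotonic = all(b >= a for a, b in zip(values, values[1:]))
    elapsed = recent[-1][0] - recent[0][0]
    if not monotonic or elapsed <= 0:
        return None
    growth_per_hour = (values[-1] - values[0]) * 3600.0 / elapsed
    if growth_per_hour < min_growth_per_hour:
        return None
    alert: Dict[str, float] = {
        "start_fds": values[0],
        "end_fds": values[-1],
        "growth_per_hour": round(growth_per_hour, 1),
    }
    if hard_limit is not None and growth_per_hour > 0:
        alert["hours_to_exhaustion"] = round((hard_limit - values[-1]) / growth_per_hour, 2)
    return alert


# Constructed telemetry, one sample every 10 minutes (600 s).
HEALTHY = [(0, 120), (600, 131), (1200, 118), (1800, 140), (2400, 122), (3000, 125)]
LEAKING = [(0, 120), (600, 142), (1200, 161), (1800, 183), (2400, 204), (3000, 226)]

if __name__ == "__main__":
    print("healthy:", leak_alert(HEALTHY, hard_limit=1024))
    print("leaking:", leak_alert(LEAKING, hard_limit=1024))
```

The healthy series fluctuates and produces no alert; the leaking series grows by 106 descriptors over 50 minutes (about 127 per hour) and, against a constructed limit of 1024, is estimated to exhaust the process in roughly six hours. The window and rate threshold should be tuned per device class, since a busy router legitimately holds far more descriptors than an idle one.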


Technical Details

Data Version
5.1
Assigner Short Name
ASR
Date Reserved
2025-05-22T03:30:06.712Z
Cvss Version
3.1
State
PUBLISHED

Threat ID: 6863a5c56f40f0eb728ebeb5

Added to database: 7/1/2025, 9:09:25 AM

Last enriched: 7/1/2025, 9:24:44 AM

Last updated: 7/1/2025, 9:24:44 AM
