CVE-2025-7921
BaseFortify
Publication date: 2025-07-21
Last updated on: 2025-07-22
Assigner: TWCERT/CC
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| askey | rtf8217 | * |
| askey | rtf8207w | * |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-121 | A stack-based buffer overflow condition is a condition where the buffer being overwritten is allocated on the stack (i.e., is a local variable or, rarely, a parameter to a function). |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2025-7921 is a critical stack-based buffer overflow vulnerability found in certain Askey modem models, specifically RTF8207w and RTF8217 with firmware versions prior to R82XXR250718. This vulnerability allows unauthenticated remote attackers to manipulate the program's execution flow, potentially enabling them to execute arbitrary code on the affected devices. [1, 2]
How can this vulnerability impact me? :
This vulnerability can have severe impacts as it allows unauthenticated remote attackers to take control of the affected modem's program execution flow. This can lead to arbitrary code execution, which may compromise the confidentiality, integrity, and availability of the device and the network it is connected to. Exploitation could result in unauthorized access, data breaches, service disruption, or further attacks within the network. [1, 2]
What immediate steps should I take to mitigate this vulnerability?
The immediate step to mitigate this vulnerability is to update the firmware of the affected Askey modem models (specifically RTF8207w and RTF8217) to version R82XXR250718 or later. [1, 2]