CVE-2025-13735
Unknown Unknown - Not Provided
BaseFortify

Publication date: 2025-11-26

Last updated on: 2025-11-26

Assigner: ASR Microelectronics Co., Ltd.

Description
Out-of-bounds Read vulnerability in ASR1903、ASR3901 in ASR Lapwing_Linux on Linux (nr_fw modules). This vulnerability is associated with program files Code/nr_fw/DLP/src/NrCgi.C. This issue affects Lapwing_Linux: before 2025/11/26.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-11-26
Last Modified
2025-11-26
Generated
2026-05-07
AI Q&A
2025-11-26
EPSS Evaluated
2026-05-05
NVD
CVE-2025-13735
EUVD
EUVD-2025-199708
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
lapwing_linux lapwing_linux *
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-125 The product reads data past the end, or before the beginning, of the intended buffer.
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?

This vulnerability is an Out-of-bounds Read in the ASR1903 and ASR3901 devices running ASR Lapwing_Linux on Linux, specifically in the nr_fw modules related to the program files Code/nr_fw/DLP/src/NrCgi.C. It occurs when the software reads data outside the intended memory boundaries, which can lead to unexpected behavior or crashes.


How can this vulnerability impact me? :

This vulnerability can impact you by allowing an attacker with low privileges to exploit the out-of-bounds read, potentially causing information disclosure, integrity loss, or availability issues on affected systems. The CVSS score of 7.4 indicates a high severity with possible impacts on confidentiality, integrity, and availability.


Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70
EPSS Chart