CVE-2025-13735

Dec. 1, 2025, 3:39 p.m.

7.4
High

Description

Out-of-bounds Read vulnerability in ASR1903、ASR3901 in ASR Lapwing_Linux on Linux (nr_fw modules). This vulnerability is associated with program files Code/nr_fw/DLP/src/NrCgi.C. This issue affects Lapwing_Linux: before 2025/11/26.

Product(s) Impacted

Product Versions
lapwing_linux
  • *

Weaknesses

Common security weaknesses mapped to this vulnerability.

CWE-125
Out-of-bounds Read
The product reads data past the end, or before the beginning, of the intended buffer.

References

https://www.asrmicro.com/en/goods/psirt?cid=41

Tags

CWE-125
68630edc-a58c-4cbd-9b01-0e130455c8ae
2025-11-26
CVE-2025-13735

CVSS Score

7.4 / 10

CVSS Data - 3.1

  • Attack Vector: NETWORK
  • Attack Complexity: LOW
  • Privileges Required: LOW
  • Scope: CHANGED
  • Confidentiality Impact: LOW
  • Integrity Impact: LOW
  • Availability Impact: LOW

    • CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:L

    View Vector String

Timeline

Published: Nov. 26, 2025, 7:16 a.m.
Last Modified: Dec. 1, 2025, 3:39 p.m.

Status : Awaiting Analysis

CVE has been marked for Analysis. Normally once in this state the CVE will be analyzed by NVD staff within 24 hours.

More info

Source

68630edc-a58c-4cbd-9b01-0e130455c8ae

*Disclaimer: Some vulnerabilities do not have an associated CPE. To enhance the data, we use AI to infer CPEs based on CVE details. This is an automated process and might not always be accurate.