CVSS 7.4 · HIGH
CVE-2026-42799
Out-of-bounds read vulnerability in ASR Kestrel (nr_fw modules) allows Overflow Buffers. This vulnerability is associated with program files Code/Nr/nr_fw/RA/src/NrPwrCtrl.C. This issue affects Kestrel: before 2026/02/10.
Ver en NVDAnálisis
This vulnerability affects specific firmware for ASR Microelectronics modem chipsets used in specialized hardware. It does not impact common web, mobile, or backend development stacks and is unlikely to affect members of the community.
Severidad
Puntaje: 7.4(HIGH)
Vector:
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:LAV: NETWORK
AC: LOW
PR: LOW
UI: NONE
S: CHANGED
C: LOW
I: LOW
A: LOW
Tipo de falla (CWE):
CWE-125EPSS
Probabilidad de explotación (próx. 30 días): 0.0005 (0.0%)
Percentil: 14.5%
EPSS: 2026-05-06
Afecta
asrmicro:asr1803_firmwareasrmicro:asr1803Descripción técnica
Out-of-bounds read vulnerability in ASR Kestrel (nr_fw modules) allows Overflow Buffers. This vulnerability is associated with program files Code/Nr/nr_fw/RA/src/NrPwrCtrl.C. This issue affects Kestrel: before 2026/02/10.
Publicada: 30/4/2026, 9:16:03
Última modificación: 5/5/2026, 2:53:31