{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-29T10:08:26.592","vulnerabilities":[{"cve":{"id":"CVE-2025-49480","sourceIdentifier":"68630edc-a58c-4cbd-9b01-0e130455c8ae","published":"2025-07-01T12:15:22.923","lastModified":"2026-06-17T09:31:21.850","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Out-of-bounds access in ASR180x 、ASR190x  in lte-telephony,  This vulnerability is associated with program files apps/lzma/src/LzmaEnc.c.\n\nThis issue affects Falcon_Linux、Kestrel、Lapwing_Linux: before v1536."},{"lang":"es","value":"Acceso fuera de los límites en ASR180x y ASR190x en telefonía LTE. Esta vulnerabilidad está asociada con los archivos de programa apps/lzma/src/LzmaEnc.c. Este problema afecta a Falcon_Linux, Kestrel y Lapwing_Linux anteriores a la v1536."}],"affected":[{"source":"68630edc-a58c-4cbd-9b01-0e130455c8ae","affectedData":[{"vendor":"ASR","product":"Falcon_Linux、Kestrel、Lapwing_Linux","defaultStatus":"unaffected","modules":["lte-telephony"],"platforms":["Linux"],"programFiles":["apps/lzma/src/LzmaEnc.c"],"versions":[{"version":"0","lessThan":"v1536","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"68630edc-a58c-4cbd-9b01-0e130455c8ae","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:L","baseScore":7.4,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"LOW"},"exploitabilityScore":3.1,"impactScore":3.7},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H","baseScore":9.1,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.2}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-07-01T14:26:18.297143Z","id":"CVE-2025-49480","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"68630edc-a58c-4cbd-9b01-0e130455c8ae","type":"Secondary","description":[{"lang":"en","value":"CWE-125"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:asrmicro:falcon_linux:*:*:*:*:*:*:*:*","versionEndExcluding":"1536","matchCriteriaId":"BBB3083A-577B-42D4-B939-5B18B70F45A7"},{"vulnerable":true,"criteria":"cpe:2.3:o:asrmicro:kestrel:*:*:*:*:*:*:*:*","versionEndExcluding":"1536","matchCriteriaId":"F6BAF32F-FF49-4DA4-98AE-22F18A1E81B4"},{"vulnerable":true,"criteria":"cpe:2.3:o:asrmicro:lapwing_linux:*:*:*:*:*:*:*:*","versionEndExcluding":"1536","matchCriteriaId":"BDA5AEAD-3ED5-40C9-A069-5E0CFA07F252"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:asrmicro:asr1803:-:*:*:*:*:*:*:*","matchCriteriaId":"5DCCB900-92E3-4060-B687-052F378AC304"},{"vulnerable":false,"criteria":"cpe:2.3:h:asrmicro:asr1806:-:*:*:*:*:*:*:*","matchCriteriaId":"A9465207-5C99-406B-824E-B735FEDAA22D"},{"vulnerable":false,"criteria":"cpe:2.3:h:asrmicro:asr1901:-:*:*:*:*:*:*:*","matchCriteriaId":"A4D3C8A7-2C61-4D2C-9BA9-381BE1D3FF51"},{"vulnerable":false,"criteria":"cpe:2.3:h:asrmicro:asr1903:-:*:*:*:*:*:*:*","matchCriteriaId":"1A8414CE-17FC-4F24-8434-4D4B80954624"}]}]}],"references":[{"url":"https://www.asrmicro.com/en/goods/psirt?cid=40","source":"68630edc-a58c-4cbd-9b01-0e130455c8ae","tags":["Vendor Advisory"]}]}}]}