<0.1% probability · 14.8th percentile — 2026-05-12
Affected versions
ASR Kestrel versions before 2026/02/10
Summary
This is an out-of-bounds read vulnerability in the nr_fw modules of ASR Kestrel. The flaw resides in the NrPwrCtrl.C source file of the Kestrel firmware. Successful exploitation can allow attackers to access unintended memory and trigger abnormal system behavior.
Remediation
Update ASR Kestrel firmware to the patched version released after 2026/02/10. Verify firmware updates through official ASR distribution channels. Restrict untrusted access to affected ASR modules until the update is applied.
TopVuln sends digest emails with high-risk CVE picks across multiple authoritative sources—curated with EPSS and AI. Choose daily per-stream emails and optional weekly or monthly roundups.