CVE-2024-32634

MEDIUM
Published Apr 16, 2024 Modified Dec 10, 2025 CWE-561

Description

In huge memory get unmapped area check, code can never be reached because of a logical contradiction.

CVSS v3.1 Score

6.1
MEDIUM
CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:H

Weakness Type (CWE)

CWE-561 CWE-561

Affected Products

Vendor Product
asrmicro asr3603_firmware
asrmicro asr3603
asrmicro asr1607_firmware
asrmicro asr1607
asrmicro asr1803sc_firmware
asrmicro asr1803sc
asrmicro asr3602_firmware
asrmicro asr3602
asrmicro asr3605_firmware
asrmicro asr3605
asrmicro asr3607_firmware
asrmicro asr3607
asrmicro asr1609_firmware
asrmicro asr1609
asrmicro asr1605_firmware
asrmicro asr1605
asrmicro asr1602_firmware
asrmicro asr1602
asrmicro asr1603_firmware
asrmicro asr1603
asrmicro asr1606_firmware
asrmicro asr1606
asrmicro asr1803_firmware
asrmicro asr1803
asrmicro asr1806_firmware
asrmicro asr1806

References

Frequently Asked Questions

What is CVE-2024-32634? +
In huge memory get unmapped area check, code can never be reached because of a logical contradiction. It has a CVSS v3.1 base score of 6.1 (MEDIUM).
How severe is CVE-2024-32634? +
CVE-2024-32634 has a CVSS v3.1 score of 6.1 out of 10, rated MEDIUM. This is a medium-severity vulnerability that should be remediated as part of regular maintenance.
What products are affected by CVE-2024-32634? +
CVE-2024-32634 affects products from asrmicro, specifically: asr1602, asr1602_firmware, asr1603, asr1603_firmware, asr1605, asr1605_firmware, asr1606, asr1606_firmware, asr1607, asr1607_firmware, asr1609, asr1609_firmware, asr1803, asr1803_firmware, asr1803sc, asr1803sc_firmware, asr1806, asr1806_firmware, asr3602, asr3602_firmware, asr3603, asr3603_firmware, asr3605, asr3605_firmware, asr3607, asr3607_firmware. Check the affected products table above for specific version ranges.
How do I check if I'm vulnerable to CVE-2024-32634? +
You can use Secably's free Website Scanner to check your website for known vulnerabilities. For infrastructure scanning, use the Port Scanner to identify exposed services that may be affected. Check the vendor advisories linked above for specific patch and version information.

Related Vulnerabilities

CVE-2025-34205 9.8

Vasion Print (formerly PrinterLogic) Virtual Appliance Host versions prior to 22.0.843 and Application prior to 20.0.1923 (VA and SaaS deployments) …
CVE-2024-8300 7.0

Dead Code vulnerability in Mitsubishi Electric GENESIS64 Version 10.97.2, 10.97.2 CFR1, 10.97.2 CRF2 and 10.97.3, Mitsubishi Electric Iconics Digital Solutions …
CVE-2026-44057 3.1

A dead bounds check in the Spotlight RPC unmarshaller in Netatalk 3.0.0 through 4.4.2 results in an unreachable code path …
CVE-2026-42800 7.4

NULL pointer dereference vulnerability in ASR1903 in ASR Lapwing_Linux on Linux (ims_client modules) allows Pointer Manipulation. This vulnerability is associated …
CVE-2025-49492 7.4

Out-of-bounds write in ASR180x in lte-telephony, May cause a buffer underrun. This vulnerability is associated with program files apps/atcmd_server/src/dev_api.C. This …
CVE-2025-49480 7.4

Out-of-bounds access in ASR180x 、ASR190x in lte-telephony, This vulnerability is associated with program files apps/lzma/src/LzmaEnc.c. This issue affects Falcon_Linux、Kestrel、Lapwing_Linux: before …

Don't wait for an exploit

Scan your website for vulnerabilities like CVE-2024-32634 — free, no signup required.

Start Free Scan