CVE-2026-0127
MediumCVSS 6.5Exploitation Probability (EPSS)
Low risk16th percentile — higher than 16% of all known CVEs
Summary
In the NrmmMsgCodec::DecodeUPUTransparentContext function of cn_NrmmDecoder.cpp, there is a possible out-of-bounds read due to memory corruption. This could lead to remote denial of service causing a communication processor crash with no additional execution privileges needed.
Risk Assessment
This vulnerability may lead to a crash of the communication system, potentially disrupting services within the organization. The lack of user interaction required increases the risk of remote exploitation.
Recommendation
It is recommended to update the software to the latest version to mitigate this vulnerability and to monitor systems for potential attack attempts.
Original NVD description (English source)
In NrmmMsgCodec::DecodeUPUTransparentContext of cn_NrmmDecoder.cpp, there is a possible out-of-bounds read due to memory corruption. This could lead to remote denial of service causing a communication processor crash with no additional execution privileges needed. User interaction is not needed for exploitation.

