CVE-2022-2482
8.4HIGH
Summary
A vulnerability exists in Nokia’s ASIK AirScale system module (versions 474021A.101 and 474021A.102) that could allow an attacker to place a script on the file system accessible from Linux. A script placed in the appropriate place could allow for arbitrary code execution in the bootloader.
Affected Version(s)
ASIK AirScale = 474021A.101
ASIK AirScale = 474021A.102
CVSS V3.1
Score:
8.4
Severity:
HIGH
Confidentiality:
None
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Changed
Timeline
Risk change from: 8.8 to: 8.4 - (HIGH)
Vulnerability published.
Vulnerability Reserved.
Collectors
NVD DatabaseMitre Database
Credit
Joel Cretan
Red Balloon Security