CVE-2022-2483
8.4HIGH
Summary
The bootloader in the Nokia ASIK AirScale system module (versions 474021A.101 and 474021A.102) loads public keys for firmware verification signature. If an attacker modifies the flash contents to corrupt the keys, secure boot could be permanently disabled on a given device.
Affected Version(s)
ASIK AirScale = 474021A.101
ASIK AirScale = 474021A.102
CVSS V3.1
Score:
8.4
Severity:
HIGH
Confidentiality:
None
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Changed
Timeline
Risk change from: 7.1 to: 8.4 - (HIGH)
Vulnerability published.
Vulnerability Reserved.
Collectors
NVD DatabaseMitre Database
Credit
Joel Cretan
Red Balloon Security