CVE-2022-2484

8.4HIGH

Key Information

Vendor
Nokia
Status
Asik Airscale
Vendor
CVE Published:
6 January 2023

Summary

The signature check in the Nokia ASIK AirScale system module version 474021A.101 can be bypassed allowing an attacker to run modified firmware. This could result in the execution of a malicious kernel, arbitrary programs, or modified Nokia programs.

Affected Version(s)

ASIK AirScale = 474021A.101

CVSS V3.1

Score:
8.4
Severity:
HIGH
Confidentiality:
None
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Changed

Timeline

  • Risk change from: 7.8 to: 8.4 - (HIGH)

  • Vulnerability published.

  • Vulnerability Reserved.

Collectors

NVD DatabaseMitre Database

Credit

Joel Cretan
Red Balloon Security
.