Input Validation Flaw in Ericsson RAN Compute and Site Controller 6610
CVE-2024-25010

8.8HIGH

Key Information:

Vendor: Ericsson
Status: Ericsson Ran Compute Basebands (all Bb Variants); Site Controller 6610
Vendor: CVE Published:; 22 May 2025

What is CVE-2024-25010?

Ericsson RAN Compute and Site Controller 6610 are susceptible to a vulnerability stemming from improper input validation in specific configurations. This can be exploited by malicious actors, potentially resulting in arbitrary code execution. It is crucial for users to ensure that their systems are updated and follow recommended security practices to mitigate this risk.

Affected Version(s)

Ericsson RAN Compute Basebands (all BB variants) 0

Ericsson RAN Compute Basebands (all BB variants) 0 < 24.Q4

Ericsson RAN Compute Basebands (all BB variants) 0

References

https://www.ericsson.com/en/about-us/security/psirt/CVE-2...

CVSS V3.1

Score:

8.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Adjacent Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 22, 2025
Vulnerability Reserved
Feb 2, 2024