HIGH🇵🇱 Wersja polska

CVE-2022-2482

CVSS 8.4v3.1pub. 2023-01-06upd. 2024-11-21

A vulnerability exists in Nokia’s ASIK AirScale system module (versions 474021A.101 and 474021A.102) that could allow an attacker to place a script on the file system accessible from Linux. A script placed in the appropriate place could allow for arbitrary code execution in the bootloader.

CVSS Vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:H
  • Nokia Asik Airscale 474021a.101

    HW
    Nokia
    wszystkie wersje
  • Nokia Asik Airscale 474021a.101 Firmware

    OS
    Nokia
    wszystkie wersje
  • Nokia Asik Airscale 474021a.102

    HW
    Nokia
    wszystkie wersje
  • Nokia Asik Airscale 474021a.102 Firmware

    OS
    Nokia
    wszystkie wersje
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
RCE
CWE
References

Related vulnerabilities

CVE-2022-2483HIGH8.4ten sam produkt

The bootloader in the Nokia ASIK AirScale system module (versions 474021A.101 and 474021A.102) loads public k...

CVE-2022-2484HIGH8.4ten sam produkt

The signature check in the Nokia ASIK AirScale system module version 474021A.101 can be bypassed allowing a...

CVE-2025-27019CRITICAL9.8PL ✓ten sam vendor

Nokia Infinera MTC-9: dostęp bez hasła przez usługę RSH umożliwia reverse shell

CVE-2025-27020CRITICAL9.8PL ✓ten sam vendor

Pominięcie uwierzytelnienia SSH w Nokia Infinera MTC-9 umożliwia RCE

CVE-2025-24936CRITICAL9.0PL ✓ten sam vendor

Command injection w Nokia Wavesuite NOC — RCE przez aplikację webową