CVE-2023-25186

Name of the Vulnerable Software and Affected Versions NOKIA Airscale ASIKA Single RAN devices versions prior to 21B

Description An issue was discovered in the Nokia BTS baseband unit diagnostic tool AaShell, which is disabled by default. If security hardenings are removed from a Nokia Single RAN BTS baseband unit by a CSP administrator, a directory path traversal provides access to the BTS baseband unit internal filesystem from the mobile network solution internal BTS management network.

Recommendations For versions prior to 21B, consider disabling the AaShell diagnostic tool until a patch is available to prevent potential exploitation. Restrict access to the BTS baseband unit internal filesystem to minimize the risk of unauthorized access. Ensure that security hardenings are not removed from the Nokia Single RAN BTS baseband unit to prevent this issue.