PT-2002-1531 · Nokia+1 · Nokia+2

Published

2002-06-11

Updated

2016-10-18

CVE-2002-0480

CVSS v2.0

High

Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions ISS RealSecure for Nokia devices before IPSO build 6.0.2001.141d

Description The issue allows a remote attacker to gain access to the device during installation when the "first time connection" feature is enabled and before any legitimate administrators have connected. This could happen if a user is configured to become a key manager.

Recommendations For ISS RealSecure for Nokia devices before IPSO build 6.0.2001.141d, update to IPSO build 6.0.2001.141d or later to resolve the issue. As a temporary workaround, consider disabling the "first time connection" feature until a patch is available. Restrict access to the device during installation to minimize the risk of exploitation.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2002-0480

Affected Products

Ipso

Iss Realsecure

Nokia

PT-2002-1531 · Nokia+1 · Nokia+2

CVE-2002-0480

Related Identifiers

Affected Products

References · 5