CVE-2023-25185

Name of the Vulnerable Software and Affected Versions NOKIA Airscale ASIKA Single RAN devices versions prior to 21B

Description An issue was discovered in the Nokia Single RAN software releases, where certain software processes in the BTS internal software design have unnecessarily high privileges to BTS embedded operating system (OS) resources. This is due to an internal fault in the mobile network solution.

Recommendations For versions prior to 21B, consider restricting access to the BTS embedded operating system (OS) resources to minimize the risk of exploitation. As a temporary workaround, review and adjust the privileges of software processes in the BTS internal software design to ensure they are appropriately limited. At the moment, there is no information about a newer version that contains a fix for this vulnerability.