PT-2025-27612 · Nokia · Nokia Single Ran Baseband
Guillaume Teissier
+3
·
Published
2025-07-02
·
Updated
2025-07-02
·
CVE-2025-24334
CVSS v3.1
3.3
Low
| Vector | AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N |
Name of the Vulnerable Software and Affected Versions:
Nokia Single RAN baseband software versions prior to 23R2-SR 1.0 MP
Description:
The issue allows an attacker to reveal the exact software release version by sending a specific HTTP POST request through the Mobile Network Operator (MNO) internal RAN management network.
Recommendations:
For versions prior to 23R2-SR 1.0 MP, update to version 23R2-SR 1.0 MP or later to resolve the issue.
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Nokia Single Ran Baseband