CVE-2025-24335

Name of the Vulnerable Software and Affected Versions: Nokia Single RAN baseband software versions earlier than 24R1-SR 2.1 MP

Description: The issue is related to a SOAP message input validation flaw, which could potentially be used for causing resource exhaustion in the Single RAN baseband OAM service. No practical exploit has been detected for this flaw. The problem has been corrected starting from release 24R1-SR 2.1 MP by adding sufficient input validation for received SOAP requests.

Recommendations: For versions earlier than 24R1-SR 2.1 MP, update to release 24R1-SR 2.1 MP or later to mitigate the issue by adding sufficient input validation for received SOAP requests.