Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Ericsson — Vulnerabilities & Security Advisories 25

Browse all 25 CVE security advisories affecting Ericsson. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Ericsson operates as a global provider of telecommunications infrastructure, enabling mobile network connectivity and 5G deployment for service providers worldwide. Its extensive product portfolio, ranging from base stations to core network software, presents a broad attack surface that has historically attracted significant security scrutiny. Analysis of its vulnerability records reveals a prevalence of remote code execution and cross-site scripting flaws, often stemming from complex legacy codebases and embedded systems. While the company has faced notable incidents involving potential data exposure and configuration weaknesses, it generally maintains robust security protocols aligned with industry standards. The current count of twenty-five recorded CVEs reflects ongoing efforts to patch critical infrastructure components, though the scale of its global footprint necessitates continuous vigilance against sophisticated threats targeting critical communication networks.

Top products by Ericsson: Indoor Connect 8855 codechecker Ericsson RAN Compute Basebands (all BB variants) Packet Core Controller Ericsson Network Manager(ENM) Ericsson Network Manager Ericsson Catalog Manager Site Controller 6610 Packet Core Controller (PCC)
CVE IDTitleCVSSSeverityPublished
CVE-2026-25660 Authentication bypass for certain API calls — CodeCheckerCWE-290 9.8AICriticalAI2026-04-24
CVE-2024-53828 Ericsson Packet Core Controller (PCC) - Improper Handling of Syntactically Invalid Structure Vulnerability — Packet Core Controller (PCC)CWE-228 5.3 Medium2026-04-01
CVE-2025-40842 Ericsson Indoor Connect 8855 - Improper Neutralization of Input During Web Page Generation Vulnerability — Indoor Connect 8855CWE-79 5.4 -2026-03-25
CVE-2025-40841 Ericsson Indoor Connect 8855 - Cross-Site Request Forgery Vulnerability — Indoor Connect 8855CWE-352 4.3 -2026-03-25
CVE-2025-27260 Ericsson Indoor Connect 8855 - Improper Filtering of Special Elements Vulnerability — Indoor Connect 8855CWE-790 5.3 -2026-03-25
CVE-2025-40843 Buffer overflow in CodeChecker log command — CodeCheckerCWE-121 5.9 Medium2025-10-28
CVE-2025-0636 Arbitrary Code Execution vulnerability in Ericsson RAN Compute and Site Controller — Site Controller 6610CWE-78 8.4 High2025-10-13
CVE-2025-27258 Ericsson Network Manager: escalation of privilege vulnerability — Ericsson Network Manager(ENM)CWE-284 8.8AIHighAI2025-10-13
CVE-2025-27259 Ericsson Network Manager: improper neutralization of user controlled input — Ericsson Network Manager(ENM)CWE-79 6.1AIMediumAI2025-10-13
CVE-2025-40838 Ericsson Indoor Connect 8855 - Insufficiently Protected Credentials Vulnerability — Indoor Connect 8855CWE-522 7.5AIHighAI2025-09-25
CVE-2025-40837 Ericsson Indoor Connect 8855 - Missing Authorization Vulnerability — Indoor Connect 8855CWE-862 8.8AIHighAI2025-09-25
CVE-2025-40836 Ericsson Indoor Connect 8855 - Improper Input Validation Vulnerability — Indoor Connect 8855CWE-20 8.8AIHighAI2025-09-25
CVE-2025-27262 Ericsson Indoor Connect 8855 - Improper Neutralization of Special Elements used in an OS Command Vulnerability — Indoor Connect 8855CWE-78 9.8AICriticalAI2025-09-25
CVE-2025-27261 Ericsson Indoor Connect 8855 - Improper Neutralization of Special Elements used in an SQL Command Vulnerability — Indoor Connect 8855CWE-89 9.1AICriticalAI2025-09-25
CVE-2024-25011 Ericsson Catalog Manager and Ericsson Order Care - Exposure of Sensitive Information Vulnerability — Ericsson Catalog ManagerCWE-200 5.3 Medium2025-09-18
CVE-2024-25010 Ericsson RAN Compute and Site Controller 6610 - Improper Input Validation Vulnerability — Ericsson RAN Compute Basebands (all BB variants)CWE-20 8.8 High2025-05-22
CVE-2024-53827 Ericsson Packet Core Controller (PCC) - Improper Input Validation Vulnerability — Packet Core ControllerCWE-20 7.5 High2025-05-16
CVE-2025-1300 Open redirect in CodeChecker web server — CodeCheckerCWE-601 6.1 Medium2025-02-28
CVE-2024-53829 Cross-Site Request Forgery in CodeChecker API — CodeCheckerCWE-352 8.2 High2025-01-21
CVE-2024-10082 CodeChecker 安全漏洞 — CodeCheckerCWE-305 8.7 High2024-11-06
CVE-2024-10081 CodeChecker 安全漏洞 — CodeCheckerCWE-288 10.0 Critical2024-11-06
CVE-2024-25009 Ericsson Packet Core Controller (PCC) - Improper Input Validation Vulnerability — Packet Core ControllerCWE-20 6.5 Medium2024-08-20
CVE-2024-25008 Ericsson RAN Compute and Site Controller 6610 - Improper Input Validation Vulnerability — Ericsson RAN Compute Basebands (all BB variants)CWE-20 6.8 Medium2024-08-16
CVE-2023-49793 Path traversal in `CodeChecker server` in the endpoint of `CodeChecker store` — codecheckerCWE-22 6.5 Medium2024-06-24
CVE-2024-25007 Ericsson Network Manager - Improper Neutralization of Formula Elements Vulnerability — Ericsson Network ManagerCWE-1236 7.1 High2024-04-04

This page lists every published CVE security advisory associated with Ericsson. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.