Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Nokia — Vulnerabilities & Security Advisories 24

Browse all 24 CVE security advisories affecting Nokia. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Nokia operates primarily as a telecommunications infrastructure provider, developing hardware and software for mobile networks, including 5G equipment and enterprise solutions. Its extensive product portfolio historically exposes it to diverse vulnerability classes, with recorded Common Vulnerabilities and Exposures (CVEs) frequently involving remote code execution, cross-site scripting, and privilege escalation flaws. These issues often stem from complex network management interfaces and embedded systems within base stations. While no single catastrophic incident has defined the company’s entire security history, the sheer volume of 24 documented CVEs highlights persistent challenges in securing legacy and modern network components. Security assessments typically focus on hardening network elements against unauthorized access and ensuring robust patch management across distributed infrastructure, reflecting the critical nature of its role in global communications.

Top products by Nokia: Nokia Single RAN ASIK AirScale WaveSuite NOC MantaRay NM SR OS (7250 IXR, 7450 ESS, 7750 SR, 7950 IXR, VSR), 7705 SAR OS, 7210 SAS OS CBIS,NCS Nokia Single RAN AirScale (Flexi Multiradio is not affected) SR Linux Nokia ONT Infinera DNA
CVE IDTitleCVSSSeverityPublished
CVE-2025-24819 A Relative Path Traversal vulnerability in Nokia MantaRay NM — MantaRay NM 6.5AIMediumAI2026-04-07
CVE-2025-24818 An OS Command Injection vulnerability in Nokia MantaRay NM — MantaRay NM 8.8AIHighAI2026-04-07
CVE-2025-24817 An OS Command Injection vulnerability in Nokia MantaRay NM — MantaRay NM 8.8 -2026-04-07
CVE-2025-10258 A time-based SQL Injection vulnerability in Infinera DNA — Infinera DNA 7.5AIHighAI2026-02-05
CVE-2025-9974 Insufficient Input Validation on WEBUI in Nokia ONT/Beacon product — Nokia ONT 8.8AIHighAI2026-02-02
CVE-2025-0980 JSON RPC authentication bypass in Nokia SR Linux — SR Linux 9.8 -2026-01-07
CVE-2023-49565 Remote Code Execution — CBIS,NCS 9.8AICriticalAI2025-09-18
CVE-2023-49564 Authentication Bypass — CBIS,NCS 9.1AICriticalAI2025-09-18
CVE-2025-24938 Insufficient Validation of Input while user creation — WaveSuite NOC 7.2 -2025-07-21
CVE-2025-24937 Access to local file system and its content — WaveSuite NOC 9.8 -2025-07-21
CVE-2025-24936 Insufficient Validation of Input in the URL — WaveSuite NOC 8.8 -2025-07-21
CVE-2025-24335 SOAP message input validation fault could in theory cause OAM service resource exhaustion — Nokia Single RAN 7.5AIHighAI2025-07-02
CVE-2025-24334 The Nokia Single RAN baseband reveals its software version through the MNO internal RAN management network — Nokia Single RAN 5.3AIMediumAI2025-07-02
CVE-2025-24333 Administrative user shell input validation fault — Nokia Single RAN 7.2AIHighAI2025-07-02
CVE-2025-24332 Authenticated admin user can connect baseband internally from one board to another without needing to re-authentication — Nokia Single RAN AirScale (Flexi Multiradio is not affected) 8.8AIHighAI2025-07-02
CVE-2025-24331 Nokia Single RAN baseband OAM service extensive capabilities — Nokia Single RAN 9.8AICriticalAI2025-07-02
CVE-2025-24330 OAM service path traversal issue caused by a crafted SOAP message PlanId field within the RAN management network — Nokia Single RAN 7.5AIHighAI2025-07-02
CVE-2025-24329 OAM service path traversal issue caused by a crafted SOAP message archive field within the RAN management network — Nokia Single RAN 7.5AIHighAI2025-07-02
CVE-2025-24328 OAM service stack overflow caused by crafted SOAP message within the MNO internal RAN management network — Nokia Single RAN 7.5AIHighAI2025-07-02
CVE-2023-6729 Nokia SR OS: File Access Security Vulnerability — SR OS (7250 IXR, 7450 ESS, 7750 SR, 7950 IXR, VSR), 7705 SAR OS, 7210 SAS OS 8.8AIHighAI2024-10-17
CVE-2023-6728 Nokia SR OS: BOF File Encryption Vulnerability — SR OS (7250 IXR, 7450 ESS, 7750 SR, 7950 IXR, VSR), 7705 SAR OS, 7210 SAS OS 7.5AIHighAI2024-10-17
CVE-2022-2484 Nokia ASIK AirScale 5G Common System Module 安全漏洞 — ASIK AirScale CWE-1274 8.4 High2023-01-06
CVE-2022-2483 Nokia ASIK AirScale 5G Common System Module 安全漏洞 — ASIK AirScale CWE-1282 8.4 High2023-01-06
CVE-2022-2482 Nokia ASIK AirScale 5G Common System Module 安全漏洞 — ASIK AirScale CWE-1274 8.4 High2023-01-06

This page lists every published CVE security advisory associated with Nokia. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.