CVE-2025-24333 – Nokia Single RAN Baseband Administrative Shell Command Injection Vulnerability

July 2, 2025

CVE ID : CVE-2025-24333

Published : July 2, 2025, 9:15 a.m. | 27 minutes ago

Description : Nokia Single RAN baseband software earlier than 24R1-SR 1.0 MP contains administrative shell input validation fault, which authenticated admin user can, in theory, potentially use for injecting arbitrary commands for unprivileged baseband OAM service process execution via special characters added to baseband internal COMA_config.xml file.

This issue has been corrected starting from release 24R1-SR 1.0 MP and later, by adding proper input validation to OAM service process which prevents injecting special characters via baseband internal COMA_config.xml file.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-24334 – Nokia Single RAN Baseband Software Information Disclosure Vulnerability

Next Article CVE-2025-24332 – Nokia Single RAN AirScale Baseband SSH Privilege Escalation

A Week In The Life Of An AI-Augmented Designer

This week in AI updates: Gemini Code Assist Agent Mode, GitHub’s Agents panel, and more (August 22, 2025)

Microsoft adds Copilot-powered debugging features for .NET in Visual Studio

Blackstone portfolio company R Systems Acquires Novigo Solutions, Strengthening its Product Engineering and Full-Stack Agentic-AI Capabilities

The best AirTag alternative for Samsung users is currently 30% off

One of the biggest new features on the Google Pixel 10 is also one of the most overlooked

I tested these viral ‘crush-proof’ Bluetooth speakers, and they’re not your average portables

I compared the best smartwatches from Google and Apple – and there’s a clear winner

MongoDB Data Types

MongoDB Data Types

Building Cross-Platform Alerts with Laravel’s Notification Framework

Add Notes Functionality to Eloquent Models With the Notable Package

Microsoft Teams updated with a feature you probably thought already existed — “Can you hear me?” is now a thing of the past

Microsoft Teams updated with a feature you probably thought already existed — “Can you hear me?” is now a thing of the past

Xbox Game Pass gets Gears of War: Reloaded, Dragon Age: The Veilguard, and more — here’s what is coming through the rest of August

Resident Evil ‘9’ Requiem has some of the most incredible lighting I’ve seen in a game — and Capcom uses it as a weapon

CVE-2025-24333 – Nokia Single RAN Baseband Administrative Shell Command Injection Vulnerability

Blue Locker ransomware hits critical infrastructure – is your organisation ready?

GeoServer Exploits, PolarEdge, and Gayfemboy Push Cybercrime Beyond Traditional Botnets

Trump Is A National Disgrace Shirt

From Backup to Cyber Resilience: Why IT Leaders Must Rethink Backup in the Age of Ransomware

CVE-2025-36506 – RICOH Streamline NX V3 PC Client File Path Traversal

Build an intelligent financial analysis agent with LangGraph and Strands Agents

CVE-2025-1908 – GitLab Information Disclosure and Session Hijacking Vulnerability

K4DirStat – small utility program

CNCF Triggers a Platform Parity Breakthrough for Arm64 and x86

Radiant Photo 2 Review: Powerful Automated Photo Editing

CVE-2025-24333 – Nokia Single RAN Baseband Administrative Shell Command Injection Vulnerability

Related Posts