CVE-2022-2484 HIGH

CVE-2022-2484

Vendor Nokia

Product ASIK AirScale

Weakness CWE-1274

Published January 6, 2023

Last update January 16, 2025

View on NVD All CVEs

CVSS base score

8.4/10

Attack vector Local

Attack complexity Low

Privileges required Low

User interaction None

Confidentiality None

Integrity High

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:H

What the vulnerability does

01Description

The signature check in the Nokia ASIK AirScale system module version 474021A.101 can be bypassed allowing an attacker to run modified firmware. This could result in the execution of a malicious kernel, arbitrary programs, or modified Nokia programs.

Key dates

02Disclosure timeline

January 6, 2023 CVE published

January 16, 2025 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2022-2484 CWE — Common Weakness Enumeration https://cwe.mitre.org/data/definitions/1274.html

Related vulnerabilities

CVE-2022-2484

01Description

02Disclosure timeline

03References

04Related CVE