Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
nokia vulnerabilities and exploits
(subscribe to this query)
7.8
CVSSv3
CVE-2023-26062
A mobile network solution internal fault is found in Nokia Web Element Manager prior to 22 R1, in which an authenticated, unprivileged user can execute administrative functions. Exploitation is not possible from outside of mobile network solution architecture. This means that exp...
Nokia Web Element Manager
7.8
CVSSv3
CVE-2022-31244
Nokia OneNDS 17r2 has Insecure Permissions vulnerability that allows for privilege escalation.
Nokia One-network Directory Server 17r2
7.8
CVSSv3
CVE-2022-2484
The signature check in the Nokia ASIK AirScale system module version 474021A.101 can be bypassed allowing an malicious user to run modified firmware. This could result in the execution of a malicious kernel, arbitrary programs, or modified Nokia programs.
Nokia Asik Airscale 474021a.101 Firmware -
7.8
CVSSv3
CVE-2021-32287
An issue exists in heif through v3.6.2. A global-buffer-overflow exists in the function HevcDecoderConfigurationRecord::getPicWidth() located in hevcdecoderconfigrecord.cpp. It allows an malicious user to cause code Execution.
Nokia Heif
7.8
CVSSv3
CVE-2021-32288
An issue exists in heif through v3.6.2. A global-buffer-overflow exists in the function HevcDecoderConfigurationRecord::getPicHeight() located in hevcdecoderconfigrecord.cpp. It allows an malicious user to cause code Execution.
Nokia Heif
7.5
CVSSv3
CVE-2023-41376
Nokia Service Router Operating System (SR OS) 22.10 and SR Linux, when error-handling update-fault-tolerance is not enabled, mishandle BGP path attributes.
Nokia Service Router Linux -
Nokia Service Router Operating System 22.10
7.5
CVSSv3
CVE-2022-39821
In NOKIA 1350 OMS R14.2, an Insertion of Sensitive Information into an Application Log File vulnerability occurs. The web application stores critical information, such as cleartext user credentials, in world-readable files in the filesystem.
Nokia 1350 Optical Management System 14.2
7.5
CVSSv3
CVE-2019-3917
The Alcatel Lucent I-240W-Q GPON ONT using firmware version 3FE54567BOZJ19 allows a remote, unauthenticated malicious user to enable telnetd on the router via a crafted HTTP request.
Nokia I-240w-q Gpon Ont Firmware 3fe54567bozj19
7.2
CVSSv3
CVE-2023-41352
Chunghwa Telecom NOKIA G-040W-Q has a vulnerability of insufficient filtering for user input. A remote attacker with administrator privilege can exploit this vulnerability to perform a Command Injection attack to execute arbitrary commands, disrupt the system or terminate service...
Nokia G-040w-q Firmware G040wqr201207
7.1
CVSSv3
CVE-2022-2483
The bootloader in the Nokia ASIK AirScale system module (versions 474021A.101 and 474021A.102) loads public keys for firmware verification signature. If an attacker modifies the flash contents to corrupt the keys, secure boot could be permanently disabled on a given device.
Nokia Asik Airscale 474021a.102 Firmware -
Nokia Asik Airscale 474021a.101 Firmware -
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-29895
inject
CVE-2023-52689
CVE-2024-5049
CVE-2024-5051
privilege escalation
physical
CVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »