
CVE-2025-24330: Vulnerability in Nokia Single RAN

Medium
Published: Wed Jul 02 2025 (07/02/2025, 08:29:03 UTC)
Source: CVE Database V5
Vendor/Project: Nokia
Product: Nokia Single RAN

Description

Sending a SOAP "provision" operation message with a crafted PlanId field within the Mobile Network Operator (MNO) internal Radio Access Network (RAN) management network can cause a path traversal issue in Nokia Single RAN baseband software versions earlier than release 24R1-SR 1.0 MP. This issue has been corrected in release 24R1-SR 1.0 MP and later. Beginning with release 24R1-SR 1.0 MP, the OAM service software performs input validation on the PlanId field, which mitigates the reported path traversal issue.

AI-Powered Analysis

Last updated: 07/02/2025, 08:55:39 UTC

Technical Analysis

CVE-2025-24330 is a vulnerability identified in Nokia Single RAN baseband software versions prior to 24R1-SR 1.0 MP. The issue arises from improper input validation of the PlanId field within a crafted SOAP 'provision' operation message sent over the Mobile Network Operator's internal Radio Access Network (RAN) management network. Specifically, this vulnerability allows a path traversal attack, where an attacker can manipulate the PlanId field to traverse directories on the underlying file system. This can potentially lead to unauthorized access or modification of files outside the intended directory scope. The vulnerability is rooted in the OAM (Operations, Administration, and Maintenance) service software's failure to properly validate input parameters before processing them. Starting with release 24R1-SR 1.0 MP, Nokia has implemented input validation on the PlanId field to mitigate this path traversal issue. The vulnerability affects all releases prior to this patched version. No known exploits are currently reported in the wild, and no CVSS score has been assigned yet. The vulnerability is exploitable within the MNO internal RAN management network, implying that an attacker would require access to this internal network segment to exploit the flaw. The path traversal could allow attackers to access sensitive configuration files or system components, potentially leading to further compromise of the RAN infrastructure or disruption of network services.

Potential Impact

For European organizations, particularly Mobile Network Operators and telecommunications providers using Nokia Single RAN infrastructure, this vulnerability poses a significant risk. Exploitation could lead to unauthorized access to critical RAN management files, potentially enabling attackers to alter network configurations, disrupt service availability, or gain footholds for further lateral movement within the operator's network. Given the critical role of RAN in mobile communications, any disruption or compromise could impact service continuity, affecting millions of subscribers and critical communications services. Additionally, unauthorized access to configuration files could expose sensitive operational data, impacting confidentiality and integrity. The internal nature of the attack vector limits exposure to insiders or attackers who have already breached perimeter defenses, but the potential impact on network stability and security remains high. This could also have regulatory implications under European data protection and telecommunications regulations if service disruptions or data breaches occur.

Mitigation Recommendations

To mitigate this vulnerability, European MNOs and network operators should prioritize upgrading Nokia Single RAN baseband software to release 24R1-SR 1.0 MP or later, where the input validation for the PlanId field is implemented. Until the upgrade is applied, operators should enforce strict network segmentation and access controls to limit access to the internal RAN management network, ensuring only authorized personnel and systems can communicate with the OAM service. Implementing robust monitoring and anomaly detection on SOAP provisioning messages can help identify suspicious or malformed requests indicative of exploitation attempts. Additionally, operators should conduct regular audits of file system integrity and access logs on RAN management systems to detect unauthorized access or modifications. Employing multi-factor authentication and strong credential management for accessing the RAN management network further reduces the risk of unauthorized exploitation. Finally, operators should engage with Nokia support for any available patches, workarounds, or additional guidance specific to their deployment.
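The monitoring and input-validation steps above can be combined into a single check on provisioning traffic. The following Python sketch is an added example, not Nokia's code or part of the original advisory; the `provision` and `PlanId` element matching, the `urn:example:oam` namespace and the allow-list pattern are assumptions, since the page does not document the real schema or PlanId format.

```python
import re
import xml.etree.ElementTree as ET
from urllib.parse import unquote

# Assumed allow-list: the page does not give the real PlanId format.
SAFE_PLAN_ID = re.compile(r"[A-Za-z0-9][A-Za-z0-9_-]{0,63}")

# Constructed sample envelope; the "urn:example:oam" namespace is hypothetical.
ENVELOPE = (
    '<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" '
    'xmlns:oam="urn:example:oam"><soapenv:Body><oam:provision>'
    "<oam:PlanId>{}</oam:PlanId></oam:provision></soapenv:Body></soapenv:Envelope>"
)

def local(tag):
    """Drop the '{namespace}' prefix so matching ignores the prefix in use."""
    return tag.rsplit("}", 1)[-1]

def fully_unquote(value, rounds=3):
    """Percent-decode repeatedly so double-encoded input is checked in final form."""
    for _ in range(rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value

def plan_id_findings(soap_xml):
    """Return [(raw PlanId, [reasons])] for each PlanId in a provision request."""
    if "<!DOCTYPE" in soap_xml:  # SOAP messages must not carry a DTD
        raise ValueError("DTD not allowed in SOAP message")
    findings = []
    for op in ET.fromstring(soap_xml).iter():
        if local(op.tag) != "provision":
            continue
        for el in op.iter():
            if local(el.tag) != "PlanId":
                continue
            raw = el.text or ""
            decoded = fully_unquote(raw)
            checks = [
                (".." in decoded, "dot-dot segment"),
                ("/" in decoded or "\\" in decoded, "path separator"),
                ("\x00" in decoded, "NUL byte"),
                (decoded != raw, "percent-encoded"),
                (not SAFE_PLAN_ID.fullmatch(raw), "fails allow-list"),
            ]
            findings.append((raw, [why for hit, why in checks if hit]))
    return findings
```

An empty reason list means the PlanId passed every check; any non-empty list is worth alerting on and correlating with file-integrity and access logs on the RAN management host.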


Technical Details

Data Version: 5.1
Assigner Short Name: Nokia
Date Reserved: 2025-01-20T05:33:25.523Z
CVSS Version: null
State: PUBLISHED

Threat ID: 6864f0416f40f0eb729218a9

Added to database: 7/2/2025, 8:39:29 AM

Last enriched: 7/2/2025, 8:55:39 AM

Last updated: 7/3/2025, 3:54:53 AM
