Skip to main content

CVE-2025-24334: Vulnerability in Nokia Nokia Single RAN

Low
VulnerabilityCVE-2025-24334cvecve-2025-24334
Published: Wed Jul 02 2025 (07/02/2025, 08:34:12 UTC)
Source: CVE Database V5
Vendor/Project: Nokia
Product: Nokia Single RAN

Description

The Nokia Single RAN baseband software earlier than 23R2-SR 1.0 MP can be made to reveal the exact software release version by sending a specific HTTP POST request through the Mobile Network Operator (MNO) internal RAN management network.

AI-Powered Analysis

AILast updated: 07/02/2025, 08:54:47 UTC

Technical Analysis

CVE-2025-24334 is a vulnerability identified in Nokia's Single RAN baseband software versions prior to 23R2-SR 1.0 MP. The vulnerability allows an attacker to obtain the exact software release version of the affected Nokia Single RAN baseband by sending a specially crafted HTTP POST request through the Mobile Network Operator's (MNO) internal Radio Access Network (RAN) management network. This disclosure of software version information can aid attackers in reconnaissance efforts, enabling them to tailor subsequent attacks or exploit other vulnerabilities specific to that software version. The vulnerability requires access to the internal RAN management network, which is typically restricted and not exposed to the public internet, thus limiting the attack surface. No known exploits are currently reported in the wild, and no CVSS score has been assigned to this vulnerability. The absence of authentication or user interaction requirements is not explicitly stated, but given the need to send HTTP POST requests within the internal network, it implies that the attacker must have some level of network access or insider capability. While the vulnerability itself does not directly compromise confidentiality, integrity, or availability, it can be leveraged as part of a larger attack chain by providing critical information about the network infrastructure. This vulnerability highlights the importance of securing internal management networks and limiting access to sensitive network components.

Potential Impact

For European organizations, particularly Mobile Network Operators (MNOs) and telecommunications providers using Nokia Single RAN baseband equipment, this vulnerability could facilitate targeted reconnaissance by threat actors. By revealing precise software versions, attackers can identify unpatched or outdated systems and plan more effective attacks, potentially leading to service disruptions or data breaches if combined with other exploits. Although the vulnerability itself does not directly cause service degradation or data leakage, it increases the risk profile of the affected networks. Given the critical role of RAN infrastructure in mobile communications, any compromise or exploitation stemming from this vulnerability could impact network reliability and customer trust. Additionally, European telecom providers are subject to stringent regulatory requirements (e.g., GDPR, NIS Directive) that mandate robust security controls; thus, even indirect vulnerabilities like this one can have compliance implications. The threat is more significant in environments where internal network segmentation or access controls are weak, increasing the likelihood of unauthorized access to the RAN management network.

Mitigation Recommendations

To mitigate this vulnerability, European MNOs and telecom operators should implement strict access controls and network segmentation to ensure that the RAN management network is isolated from general corporate and public networks. Employing strong authentication mechanisms and monitoring for unusual HTTP POST requests within the internal network can help detect and prevent exploitation attempts. Operators should prioritize upgrading Nokia Single RAN baseband software to version 23R2-SR 1.0 MP or later, where this vulnerability is addressed. In the absence of an official patch, applying compensating controls such as limiting administrative access to trusted personnel, using VPNs with multi-factor authentication for remote access, and conducting regular security audits of the RAN management infrastructure are recommended. Additionally, implementing intrusion detection systems (IDS) tailored to recognize anomalous management traffic patterns can provide early warnings of reconnaissance activities. Maintaining an up-to-date asset inventory and vulnerability management program will also aid in timely identification and remediation of such issues.

Need more detailed analysis?Get Pro

Technical Details

Data Version
5.1
Assigner Short Name
Nokia
Date Reserved
2025-01-20T05:33:25.524Z
Cvss Version
null
State
PUBLISHED

Threat ID: 6864f0416f40f0eb729218b5

Added to database: 7/2/2025, 8:39:29 AM

Last enriched: 7/2/2025, 8:54:47 AM

Last updated: 7/3/2025, 6:45:54 PM

Views: 11

Actions

PRO

Updates to AI analysis are available only with a Pro account. Contact root@offseq.com for access.

Please log in to the Console to use AI analysis features.

Need enhanced features?

Contact root@offseq.com for Pro access with improved analysis and higher rate limits.

Latest Threats