CVE-2025-24334 is a vulnerability identified in Nokia's Single RAN baseband software versions prior to 23R2-SR 1.0 MP. The vulnerability allows an attacker to obtain the exact software release version of the affected Nokia Single RAN baseband by sending a specially crafted HTTP POST request through the Mobile Network Operator's (MNO) internal Radio Access Network (RAN) management network. This disclosure of software version information can aid attackers in reconnaissance efforts, enabling them to tailor subsequent attacks or exploit other vulnerabilities specific to that software version. The vulnerability requires access to the internal RAN management network, which is typically restricted and not exposed to the public internet, thus limiting the attack surface. No known exploits are currently reported in the wild, and no CVSS score has been assigned to this vulnerability. The absence of authentication or user interaction requirements is not explicitly stated, but given the need to send HTTP POST requests within the internal network, it implies that the attacker must have some level of network access or insider capability. While the vulnerability itself does not directly compromise confidentiality, integrity, or availability, it can be leveraged as part of a larger attack chain by providing critical information about the network infrastructure. This vulnerability highlights the importance of securing internal management networks and limiting access to sensitive network components.

For European organizations, particularly Mobile Network Operators (MNOs) and telecommunications providers using Nokia Single RAN baseband equipment, this vulnerability could facilitate targeted reconnaissance by threat actors. By revealing precise software versions, attackers can identify unpatched or outdated systems and plan more effective attacks, potentially leading to service disruptions or data breaches if combined with other exploits. Although the vulnerability itself does not directly cause service degradation or data leakage, it increases the risk profile of the affected networks. Given the critical role of RAN infrastructure in mobile communications, any compromise or exploitation stemming from this vulnerability could impact network reliability and customer trust. Additionally, European telecom providers are subject to stringent regulatory requirements (e.g., GDPR, NIS Directive) that mandate robust security controls; thus, even indirect vulnerabilities like this one can have compliance implications. The threat is more significant in environments where internal network segmentation or access controls are weak, increasing the likelihood of unauthorized access to the RAN management network.

To mitigate this vulnerability, European MNOs and telecom operators should implement strict access controls and network segmentation to ensure that the RAN management network is isolated from general corporate and public networks. Employing strong authentication mechanisms and monitoring for unusual HTTP POST requests within the internal network can help detect and prevent exploitation attempts. Operators should prioritize upgrading Nokia Single RAN baseband software to version 23R2-SR 1.0 MP or later, where this vulnerability is addressed. In the absence of an official patch, applying compensating controls such as limiting administrative access to trusted personnel, using VPNs with multi-factor authentication for remote access, and conducting regular security audits of the RAN management infrastructure are recommended. Additionally, implementing intrusion detection systems (IDS) tailored to recognize anomalous management traffic patterns can provide early warnings of reconnaissance activities. Maintaining an up-to-date asset inventory and vulnerability management program will also aid in timely identification and remediation of such issues.