CVE-2025-55047: CWE-798 Use of Hard-coded Credentials in Baicells SPECTRA LTE-U eNB

High
Published: Tue Sep 09 2025 (09/09/2025, 18:40:54 UTC)
Source: CVE Database V5
Vendor/Project: Baicells
Product: SPECTRA LTE-U eNB

Description

CWE-798 Use of Hard-coded Credentials

AI-Powered Analysis

Last updated: 09/09/2025, 18:54:05 UTC

Technical Analysis

CVE-2025-55047 is a high-severity vulnerability identified in the Baicells SPECTRA LTE-U eNB product, specifically affecting the U4G-AP1000 BaiStation_FDD version. The vulnerability is classified under CWE-798, which refers to the use of hard-coded credentials within the product. Hard-coded credentials are embedded usernames and passwords or cryptographic keys that are hardwired into the device's firmware or software, making them immutable without a firmware update or patch. This flaw allows an attacker with local access (as indicated by the CVSS vector AV:L) to potentially authenticate without authorization, as no privileges or user interaction are required (PR:N/UI:N). The vulnerability impacts confidentiality, integrity, and availability (C:H/I:H/A:H), meaning an attacker could fully compromise the device, intercept or manipulate data, and disrupt service. The vulnerability has a CVSS 3.1 score of 8.4, reflecting its high severity. Although no known exploits are currently reported in the wild, the presence of hard-coded credentials is a critical security weakness that could be exploited by attackers who gain local network access or physical proximity to the device. The LTE-U eNB (Evolved Node B) is a critical component in LTE networks, responsible for radio communications between user equipment and the core network, making this vulnerability particularly sensitive in telecommunications infrastructure.

Potential Impact

For European organizations, especially telecommunications providers and enterprises deploying private LTE networks using Baicells SPECTRA LTE-U eNB devices, this vulnerability poses a significant risk. Exploitation could lead to unauthorized access to network infrastructure, allowing attackers to intercept sensitive communications, manipulate network traffic, or cause denial of service by disrupting base station operations. This could impact confidentiality of user data, integrity of network services, and availability of LTE connectivity. Given the critical role of LTE infrastructure in public safety, industrial IoT, and enterprise communications, such compromise could have cascading effects on business operations and national security. Additionally, regulatory compliance under GDPR and NIS Directive may be affected if personal data or critical infrastructure is compromised. The lack of known exploits currently provides a window for proactive mitigation, but the high severity score and ease of exploitation without authentication highlight the urgency for European organizations to address this vulnerability promptly.

Mitigation Recommendations

1. Immediate mitigation should include isolating affected Baicells SPECTRA LTE-U eNB devices from untrusted networks to limit local access vectors.
2. Network segmentation and strict access controls should be enforced to restrict who can reach these devices.
3. Monitor network traffic for unusual authentication attempts or access patterns to detect potential exploitation attempts early.
4. Engage with Baicells support or authorized vendors to obtain firmware updates or patches as soon as they become available, as no patches are currently listed.
5. If patching is delayed, consider replacing affected devices with alternative hardware that does not contain hard-coded credentials.
6. Implement strong physical security controls to prevent unauthorized physical access to the devices.
7. Conduct regular security audits and penetration testing focused on LTE infrastructure to identify and remediate similar vulnerabilities.
8. Update incident response plans to include scenarios involving compromised LTE base stations to ensure rapid containment and recovery.

Technical Details

Data Version: 5.1
Assigner Short Name: INCD
Date Reserved: 2025-08-06T11:04:25.088Z
CVSS Version: 3.1
State: PUBLISHED

Threat ID: 68c076b59256f7c60d152edc

Added to database: 9/9/2025, 6:49:25 PM

Last enriched: 9/9/2025, 6:54:05 PM

Last updated: 9/10/2025, 12:40:26 AM
