CVE-2025-55048 is a critical security vulnerability affecting multiple Baicells products, including NEUTRINO430, NOVA436Q, NOVA430e/430i, NOVA846, NOVA246, NOVA243, NOVA233, and NOVA227. The vulnerability is classified under CWE-78, which corresponds to OS Command Injection. This type of vulnerability allows an attacker to execute arbitrary operating system commands on the affected device. The affected versions include various releases of Baicells' BaiBS_RTS and BaiBS_RTD software, specifically versions from 3.6.6 through 3.7.11.16 and 3.7.11.6 respectively. The CVSS v3.1 base score is 9.8, indicating a critical severity level. The vector string CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H indicates that the vulnerability is remotely exploitable over the network without any privileges or user interaction, and it impacts confidentiality, integrity, and availability to a high degree. The vulnerability likely arises from improper sanitization or validation of input that is passed to system commands, enabling attackers to inject malicious commands. Exploitation could lead to full system compromise, data theft, service disruption, or use of the device as a foothold for further network attacks. Although no known exploits are currently reported in the wild, the critical nature and ease of exploitation make it a significant threat. Baicells products are commonly used in wireless broadband infrastructure, including LTE and 5G small cell deployments, which are critical for telecommunications providers and enterprise networks.

For European organizations, the impact of CVE-2025-55048 could be severe. Baicells equipment is deployed by various telecom operators and private network providers across Europe, especially in rural or enterprise private LTE/5G networks. Successful exploitation could lead to unauthorized access to network infrastructure, enabling attackers to intercept or manipulate sensitive communications, disrupt service availability, or pivot to other internal systems. This could affect critical sectors such as telecommunications, government agencies, transportation, and utilities that rely on Baicells hardware for connectivity. The compromise of network infrastructure could result in significant operational downtime, data breaches involving personal or corporate data, and erosion of trust in service providers. Additionally, given the remote and unauthenticated nature of the exploit, attackers could launch attacks at scale, potentially impacting multiple organizations simultaneously. The lack of current public exploits does not diminish the urgency, as threat actors often develop exploits rapidly following disclosure of such critical vulnerabilities.

Organizations using Baicells NEUTRINO and NOVA series devices should immediately verify their firmware versions and upgrade to patched versions once Baicells releases them. In the absence of official patches, network administrators should implement compensating controls such as isolating affected devices from untrusted networks, restricting management interfaces to trusted IP addresses, and employing strict firewall rules to limit access. Monitoring network traffic for unusual command execution patterns or anomalies in device behavior is recommended. Additionally, organizations should conduct thorough audits of their Baicells devices to detect any signs of compromise. Implementing network segmentation to separate critical infrastructure from general user networks can reduce the blast radius of a potential exploit. Vendors and operators should also consider deploying intrusion detection/prevention systems (IDS/IPS) tuned to detect attempts to exploit command injection vulnerabilities. Finally, maintaining an incident response plan that includes scenarios involving network infrastructure compromise will help organizations respond effectively if exploitation occurs.