CVE-2022-2484

Summary

The signature check in the Nokia ASIK AirScale system module version 474021A.101 can be bypassed allowing an attacker to run modified firmware. This could result in the execution of a malicious kernel, arbitrary programs, or modified Nokia programs.

Affected Software

VendorProductVersion RangeStatus
NokiaASIK AirScale474021A.101affected

Weaknesses

  • CWE-1274: CWE-1274 Improper Access Control for Volatile Memory Containing Boot Code

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References