CVE-2024-25010

Summary

Ericsson RAN Compute and Site Controller 6610 contains in certain configurations a high severity vulnerability where improper input validation could be exploited leading to arbitrary code execution.

Affected Software

VendorProductVersion RangeStatus
EricssonEricsson RAN Compute Basebands (all BB variants)0 < 24.Q4affected
EricssonEricsson RAN Compute Basebands (all BB variants)0 < RCG123.1-4affected
EricssonSite Controller 66100 < S24.Q4affected

Weaknesses

  • CWE-20: CWE-20 Improper Input Validation

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References