Nokia has moved to patch vulnerabilities that could put mobile telecommunications networks at risk of compromise.
The vulnerabilities came to light via a recent US Cybersecurity and Infrastructure Security Agency (CISA) advisory, with all vulnerabilities rated High severity (CVSS score 8.4).
CISA said the vulnerabilities include improper access controls for volatile memory containing boot code; and the discovery that data assumed to be immutable is stored in writable memory.
Successful exploitation could result in Nokia baseband units executing a malicious kernel, running malicious programs, or running modified Nokia programs.
In CVE-2022-2482 (not yet published in the Mitre CVE list), Nokia ASIK AirScale system module versions 474021A.101 and 474021A.102 could let an attacker “place a script on the file system accessible from Linux,” CISA said.
That script could allow for “arbitrary code execution in the bootloader.”
CVE-2022-2484 is a signature check bypass in AirScale system module version 474021A.101, allowing an attacker can run modified firmware.
“This could result in the execution of a malicious kernel, arbitrary programs, or modified Nokia programs,” CISA said.
Finally, in CVE-2022-2483, the bootloader in the AirScale system module versions 474021A.101 and 474021A.102 “loads public keys for firmware verification signature.
“If an attacker modifies the flash contents to corrupt the keys, secure boot could be permanently disabled on a given device,” the advisory stated.
Nokia has patched all three vulnerabilities.
Discovery is attributed to Joel Cretan of Red Balloon Security.