Medium severity6.8NVD Advisory· Published Aug 16, 2024· Updated Apr 15, 2026

CVE-2024-25008

Description

Ericsson RAN Compute and Site Controller 6610 contains a vulnerability in the Control System where Improper Input Validation can lead to arbitrary code execution, for example to obtain a Linux Shell with the same privileges as the attacker. The attacker would require elevated privileges for example a valid OAM user having the system administrator role to exploit the vulnerability.

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.ericsson.com/en/about-us/security/psirt/security-bulletin-ericsson-ran-compute-august-2024nvd

News mentions

No linked articles in our index yet.

cvss	0.442
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000