Medium severity4.2NVD Advisory· Published Jul 2, 2025· Updated Apr 15, 2026

CVE-2025-24328

Description

Sending a crafted SOAP "set" operation message within the Mobile Network Operator (MNO) internal Radio Access Network (RAN) management network can cause Nokia Single RAN baseband OAM service component restart with software versions earlier than release 24R1-SR 1.0 MP. This issue has been corrected to release 24R1-SR 1.0 MP and later.

The OAM service component restarts automatically after the stack overflow without causing a base station restart or network service degradation, and without leaving any permanent impact on the Nokia Single RAN baseband OAM service.

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.nokia.com/about-us/security-and-privacy/product-security-advisory/cve-2025-24328/nvd

News mentions

No linked articles in our index yet.

cvss	0.273
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000