VYPR

Single RAN baseband OAM service

by Nokia

CVEs (2)

  • CVE-2025-24331MedJul 2, 2025
    risk 0.42cvss 6.4epss 0.00

    The Single RAN baseband OAM service is intended to run as an unprivileged service. However, it initially starts with root privileges and assigns certain capabilities before dropping to an unprivileged level. The capabilities retained from the root period are considered extensive…

  • CVE-2025-24328MedJul 2, 2025
    risk 0.27cvss 4.2epss 0.00

    Sending a crafted SOAP "set" operation message within the Mobile Network Operator (MNO) internal Radio Access Network (RAN) management network can cause Nokia Single RAN baseband OAM service component restart with software versions earlier than release 24R1-SR 1.0 MP. This issue…