Описание
The bootloader in the Nokia ASIK AirScale system module (versions 474021A.101 and 474021A.102) loads public keys for firmware verification signature. If an attacker modifies the flash contents to corrupt the keys, secure boot could be permanently disabled on a given device.
Ссылки
- Third Party AdvisoryUS Government Resource
- Third Party AdvisoryUS Government Resource
Уязвимые конфигурации
Конфигурация 1
Одновременно
cpe:2.3:o:nokia:asik_airscale_474021a.102_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:nokia:asik_airscale_474021a.102:-:*:*:*:*:*:*:*
Конфигурация 2
Одновременно
cpe:2.3:o:nokia:asik_airscale_474021a.101_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:nokia:asik_airscale_474021a.101:-:*:*:*:*:*:*:*
EPSS
Процентиль: 17%
0.00056
Низкий
8.4 High
CVSS3
7.1 High
CVSS3
Дефекты
CWE-1282
Связанные уязвимости
CVSS3: 7.1
github
около 3 лет назад
The bootloader in the Nokia ASIK AirScale system module (versions 474021A.101 and 474021A.102) loads public keys for firmware verification signature. If an attacker modifies the flash contents to corrupt the keys, secure boot could be permanently disabled on a given device.
EPSS
Процентиль: 17%
0.00056
Низкий
8.4 High
CVSS3
7.1 High
CVSS3
Дефекты
CWE-1282