CVE-2022-2482
Published: 06 January 2023
Summary
CVE-2022-2482 is a high-severity Improper Access Control for Volatile Memory Containing Boot Code (CWE-1274) vulnerability in Nokia Asik Airscale 474021A.102 Firmware. Its CVSS base score is 8.4 (High).
Operationally, ranked at the 17.5th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2022-34741
Vulnerability details
A vulnerability exists in Nokia’s ASIK AirScale system module (versions 474021A.101 and 474021A.102) that could allow an attacker to place a script on the file system accessible from Linux. A script placed in the appropriate place could allow for arbitrary…
more
code execution in the bootloader.
- CWE(s)
Related Threats
No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.
Affected Assets
Mitigating Controls
No mitigating controls mapped yet. The per-CVE control annotator has not reached this CVE.