Important: Red Hat Security Advisory: OpenShift Container Platform 4.20 CNF vRAN extras topology aware lifecycle manager update

An update for topology-aware-lifecycle manager is available for Red Hat OpenShift Container Platform 4.20. Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the...

FlexRIC security vulnerabilities

FlexRIC is an open-source RAN intelligent controller developed by Mosaic5G. Version FlexRIC v2.0.0 contains a security vulnerability. This vulnerability arises from handling RICINDICATION messages that do not contain the ranfuncid field, causing an assert to be triggered or null pointer...

Security and Privacy in O-RAN for 6G: A Comprehensive Review of Threats and Mitigation Approaches

Open Radio Access Network O-RAN is a major advancement in the telecommunications field, providing standardized interfaces that promote interoperability between different vendors' technologies, thereby enhancing network flexibility and reducing operational expenses. By leveraging cutting-edge...

Moderate: Red Hat Security Advisory: OpenShift Container Platform 4.12.82 CNF vRAN extras topology aware lifecycle manager update

An update for topology-aware-lifecycle manager is available for Red Hat OpenShift Container Platform 4.12. Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the...

Agentic AI for 6G: A New Paradigm for Autonomous RAN Security Compliance

Agentic AI systems are emerging as powerful tools for automating complex, multi-step tasks across various industries. One such industry is telecommunications, where the growing complexity of next-generation radio access networks RANs opens up numerous opportunities for applying these systems...

Zero-Trust Strategies for O-RAN Cellular Networks: Principles, Challenges and Research Directions

Cellular networks have become foundational to modern communication, supporting a broad range of applications, from civilian use to enterprise systems and military tactical networks. The advent of fifth-generation and beyond cellular networks B5G introduces emerging compute capabilities into the...

CVE-2025-0636 Arbitrary Code Execution vulnerability in Ericsson RAN Compute and Site Controller

EMCLI contains a high severity vulnerability where improper neutralization of special elements used in an OS command could be exploited leading to Arbitrary Code Execution...

A Demonstration of Self-Adaptive Jamming Attack Detection in AI/ML Integrated O-RAN

The open radio access network O-RAN enables modular, intelligent, and programmable 5G network architectures through the adoption of software-defined networking, network function virtualization, and implementation of standardized open interfaces. However, one of the security concerns for O-RAN,...

EUVD-2025-19725

Malicious code in bioql PyPI...

CVE-2025-57446

An issue in O-RAN Near Realtime RIC ric-plt-submgr in the J-Release environment, allows remote attackers to cause a denial of service DoS via a crafted request to the Subscription Manager API component...

Markov Chain-Based Model of Blockchain Radio Access Networks

Security has always been a priority, for researchers, service providers and network operators when it comes to radio access networks RAN. One wireless access approach that has captured attention is blockchain enabled RAN B-RAN due to its secure nature. This research introduces a framework that...

CVE-2025-24330

Sending a crafted SOAP "provision" operation message PlanId field within the Mobile Network Operator MNO internal Radio Access Network RAN management network can cause path traversal issue in Nokia Single RAN baseband software with versions earlier than release 24R1-SR 1.0 MP. This issue has been...

CVE-2025-24328

Sending a crafted SOAP "set" operation message within the Mobile Network Operator MNO internal Radio Access Network RAN management network can cause Nokia Single RAN baseband OAM service component restart with software versions earlier than release 24R1-SR 1.0 MP. This issue has been corrected to...

The vulnerability of Nokia’s Single Radio Access Network management platform lies in the fact that system data can be disclosed to unauthorized individuals, allowing a intruder to gain unauthorized access to protected information.

The vulnerability of the Nokia Single RAN network management platform lies in the ability to expose system data to unauthorized individuals. Exploiting this vulnerability could allow a hacker to gain unauthorized access to protected information by sending a specially crafted POST request...

The vulnerability of Nokia’s Single Radio Access Network management platform lies in the improper limitation of the path name to the restricted access catalog. This allows attackers to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the Nokia Single RAN network management platform lies in the incorrect limitation of the path name when processing the PlanId parameter. Exploiting this vulnerability allows an attacker to compromise the confidentiality, integrity, and accessibility of the protected informati...

CVE-2025-24330

Sending a crafted SOAP "provision" operation message PlanId field within the Mobile Network Operator MNO internal Radio Access Network RAN management network can cause path traversal issue in Nokia Single RAN baseband software with versions earlier than release 24R1-SR 1.0 MP. This issue has been...

CVE-2025-24329

Sending a crafted SOAP "provision" operation message archive field within the Mobile Network Operator MNO internal Radio Access Network RAN management network can cause path traversal issue in Nokia Single RAN baseband software with versions earlier than release 24R1-SR 1.0 MP. This issue has bee...

CVE-2025-24330 OAM service path traversal issue caused by a crafted SOAP message PlanId field within the RAN management network

Sending a crafted SOAP "provision" operation message PlanId field within the Mobile Network Operator MNO internal Radio Access Network RAN management network can cause path traversal issue in Nokia Single RAN baseband software with versions earlier than release 24R1-SR 1.0 MP. This issue has been...

CVE-2025-24328 OAM service stack overflow caused by crafted SOAP message within the MNO internal RAN management network

Sending a crafted SOAP "set" operation message within the Mobile Network Operator MNO internal Radio Access Network RAN management network can cause Nokia Single RAN baseband OAM service component restart with software versions earlier than release 24R1-SR 1.0 MP. This issue has been corrected to...

Nokia Single RAN 安全漏洞

Nokia Single RAN is a wireless network technology from Nokia Finland. A security vulnerability exists in Nokia Single RAN 24R1-SR version prior to 1.0 MP, which originates from a stack overflow that could result in a restart of a service component...