41 matches found
Important: Red Hat Security Advisory: OpenShift Container Platform 4.20 CNF vRAN extras topology aware lifecycle manager update
An update for topology-aware-lifecycle manager is available for Red Hat OpenShift Container Platform 4.20. Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the...
FlexRIC 安全漏洞
FlexRIC is an open-source RAN intelligent controller developed by Mosaic5G. Version FlexRIC v2.0.0 contains a security vulnerability. This vulnerability arises from handling RICINDICATION messages that do not contain the ranfuncid field, causing an assert to be triggered or null pointer...
From Spoofing to Trust: Emergency Alerts Spoofing Testbed and Cross-Cell Verification
Public warning systems PWS in cellular networks enable authorities to broadcast emergency alerts to all mobile phones in a geographic region in the event of threats such as earthquakes or severe weather. If an attacker can imitate these alerts and transmit a forged warning containing fake news or...
Security and Privacy in O-RAN for 6G: A Comprehensive Review of Threats and Mitigation Approaches
Open Radio Access Network O-RAN is a major advancement in the telecommunications field, providing standardized interfaces that promote interoperability between different vendors' technologies, thereby enhancing network flexibility and reducing operational expenses. By leveraging cutting-edge...
Moderate: Red Hat Security Advisory: OpenShift Container Platform 4.12.82 CNF vRAN extras topology aware lifecycle manager update
An update for topology-aware-lifecycle manager is available for Red Hat OpenShift Container Platform 4.12. Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the...
Agentic AI for 6G: A New Paradigm for Autonomous RAN Security Compliance
Agentic AI systems are emerging as powerful tools for automating complex, multi-step tasks across various industries. One such industry is telecommunications, where the growing complexity of next-generation radio access networks RANs opens up numerous opportunities for applying these systems...
Zero-Trust Strategies for O-RAN Cellular Networks: Principles, Challenges and Research Directions
Cellular networks have become foundational to modern communication, supporting a broad range of applications, from civilian use to enterprise systems and military tactical networks. The advent of fifth-generation and beyond cellular networks B5G introduces emerging compute capabilities into the...
CVE-2025-0636 Arbitrary Code Execution vulnerability in Ericsson RAN Compute and Site Controller
EMCLI contains a high severity vulnerability where improper neutralization of special elements used in an OS command could be exploited leading to Arbitrary Code Execution...
A Demonstration of Self-Adaptive Jamming Attack Detection in AI/ML Integrated O-RAN
The open radio access network O-RAN enables modular, intelligent, and programmable 5G network architectures through the adoption of software-defined networking, network function virtualization, and implementation of standardized open interfaces. However, one of the security concerns for O-RAN,...
EUVD-2025-19725
Malicious code in bioql PyPI...
CVE-2025-57446
An issue in O-RAN Near Realtime RIC ric-plt-submgr in the J-Release environment, allows remote attackers to cause a denial of service DoS via a crafted request to the Subscription Manager API component...
PT-2025-39424
Name of the Vulnerable Software and Affected Versions O-RAN Near Realtime RIC versions affected versions not specified Description An issue exists in the O-RAN Near Realtime RIC ric-plt-submgr component within the J-Release environment. This allows remote attackers to cause a denial of service Do...
Jamming Smarter, Not Harder: Exploiting O-RAN Y1 RAN Analytics for Efficient Interference
The Y1 interface in O-RAN enables the sharing of RAN Analytics Information RAI between the near-RT RIC and authorized Y1 consumers, which may be internal applications within the operator's trusted domain or external systems accessing data through a secure exposure function. While this visibility...
Markov Chain-Based Model of Blockchain Radio Access Networks
Security has always been a priority, for researchers, service providers and network operators when it comes to radio access networks RAN. One wireless access approach that has captured attention is blockchain enabled RAN B-RAN due to its secure nature. This research introduces a framework that...
Linux Distros Unpatched Vulnerability : CVE-2025-38294
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: fix NULL access in assign channel context handler Currently, when...
CVE-2025-24330
Sending a crafted SOAP "provision" operation message PlanId field within the Mobile Network Operator MNO internal Radio Access Network RAN management network can cause path traversal issue in Nokia Single RAN baseband software with versions earlier than release 24R1-SR 1.0 MP. This issue has been...
CVE-2025-24328
Sending a crafted SOAP "set" operation message within the Mobile Network Operator MNO internal Radio Access Network RAN management network can cause Nokia Single RAN baseband OAM service component restart with software versions earlier than release 24R1-SR 1.0 MP. This issue has been corrected to...
The vulnerability of Nokia’s Single RAN network management platform lies in the improper validation of certain types of input data, allowing attackers to trigger service interruptions.
The vulnerability of the Nokia Single RAN network management platform is related to the improper validation of certain types of input data. Exploiting this vulnerability could allow a malicious actor to cause service interruptions...
The vulnerability of Nokia’s Single Radio Access Network management platform lies in the improper limitation of the path name to the restricted access catalog. This allows attackers to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the Nokia Single RAN network management platform lies in the incorrect limitation of the path name when processing the PlanId parameter. Exploiting this vulnerability allows an attacker to compromise the confidentiality, integrity, and accessibility of the protected informati...
The vulnerability of Nokia’s Single Radio Access Network management platform lies in the fact that system data can be disclosed to unauthorized individuals, allowing a intruder to gain unauthorized access to protected information.
The vulnerability of the Nokia Single RAN network management platform lies in the ability to expose system data to unauthorized individuals. Exploiting this vulnerability could allow a hacker to gain unauthorized access to protected information by sending a specially crafted POST request...