Vulnerability: Permanent Disabling of Secure Boot in Nokia ASIK AirScale System Module

Vulnerability: Permanent Disabling of Secure Boot in Nokia ASIK AirScale System Module

CVE-2022-2483 · HIGH Severity

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H

The bootloader in the Nokia ASIK AirScale system module (versions 474021A.101 and 474021A.102) loads public keys for firmware verification signature. If an attacker modifies the flash contents to corrupt the keys, secure boot could be permanently disabled on a given device.

Learn more about our Web Application Penetration Testing UK.