7.8
CVE-2025-7406
- EPSS 0.13%
- Veröffentlicht 30.06.2026 08:59:58
- Zuletzt bearbeitet 30.06.2026 14:23:38
- Quelle b48c3b8f-639e-4c16-8725-497bc4
- CVE-Watchlists
- Unerledigt
A Sudo Privilege Escalation Vulnerability in Nokia MantaRay NM
Nokia MantaRay NM is vulnerable to a sudo privilege escalation vulnerability where a local attacker possessing administrative (local admin) privileges can escalate to full root privileges on the host. Successful exploitation results in root-level access to the filesystem and the ability to execute actions as root. The risk can be temporarily mitigated by restricting the set of commands permitted via sudo for the affected accounts.
Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).
HerstellerNokia
≫
Produkt
MantaRay NM
Version
<NM 25R1-NM
Status
affected
Version
≥NM 25R1-NM
Status
unaffected
VulnDex Vulnerability Enrichment
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.13% | 0.028 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 7.8 | 1.8 | 5.9 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
|
CWE-269 Improper Privilege Management
The product does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor.
https://www.nokia.com/we-are-nokia/security/product-security-advisory/cve-2025-7406/