Security
Headlines
HeadlinesLatestCVEs

Tag

#nokia

CISA Warns of Critical Vulnerabilities in 3 Industrial Control System Software

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has published three Industrial Control Systems (ICS) advisories about multiple vulnerabilities in software from ETIC Telecom, Nokia, and Delta Industrial Automation. Prominent among them is a set of three flaws affecting ETIC Telecom's Remote Access Server (RAS), which "could allow an attacker to obtain sensitive information and

The Hacker News
#vulnerability#web#mac#backdoor#nokia#auth#The Hacker News
OneLayer Opens 5G Security Lab for Network Security Companies to Research Threats to Private Cellular Networks

Cybersecurity and telecom providers from around the world can now test their technologies and use cases in OneLayer's digital twin private network environment.

CVE-2022-20429: Android Automotive OS Update Bulletin—October 2022  |  Android Open Source Project

In CarSettings of app packages, there is a possible permission bypass due to a confused deputy. This could lead to local escalation of privilege in Bluetooth settings with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12LAndroid ID: A-220741473

CVE-2021-0696: Android Security Bulletin—October 2022  |  Android Open Source Project

In dllist_remove_node of TBD, there is a possible use after free bug due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android SoCAndroid ID: A-242344778

This Vote Could Change the Course of Internet History

UN countries are preparing to pick a new head of the International Telecommunications Union. Who wins could shape the open web's future.

CVE-2022-38788: GitHub - ProxyStaffy/Nokia-FastMile-5G-Receiver-5G14-B

An issue was discovered in Nokia FastMile 5G Receiver 5G14-B 1.2104.00.0281. Bluetooth on the Nokia ODU uses outdated pairing mechanisms, allowing an attacker to passively intercept a paring handshake and (after offline cracking) retrieve the PIN and LTK (long-term key).

CVE-2022-20399: Android Security Bulletin—September 2022  |  Android Open Source Project

In the SEPolicy configuration of system apps, there is a possible access to the 'ip' utility due to an insecure default value. This could lead to local information disclosure of network data with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-219808546References: Upstream kernel

CVE-2022-35242: THE Leads Management System: 59sec LITE

Unauthenticated plugin settings change vulnerability in 59sec THE Leads Management System: 59sec LITE plugin <= 3.4.1 at WordPress.