Skip to main content

Nokia MantaRay NM CVE-2025-7406

| EUVDEUVD-2025-210371 HIGH
Improper Privilege Management (CWE-269)
2026-06-30 Nokia GHSA-5xvf-r542-vqqf
7.8
CVSS 3.1 · Vendor: Nokia
Share

Severity by source

Vendor (Nokia) PRIMARY
7.8 HIGH
AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
vuln.today AI
7.8 HIGH

Local access with a pre-existing admin foothold gives AV:L and PR:L; simple sudo abuse is AC:L, and root takeover yields full C:H/I:H/A:H with no scope change.

3.1 AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
4.0 AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Primary rating from Vendor (Nokia).

CVSS VectorVendor: Nokia

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Attack Vector
Local
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High

Lifecycle Timeline

3
Analysis Generated
Jun 30, 2026 - 14:22 vuln.today
CVSS changed
Jun 30, 2026 - 14:22 NVD
7.8 (HIGH)
CVE Published
Jun 30, 2026 - 08:59 cve.org
UNKNOWN (no severity yet)

DescriptionCVE.org

Nokia MantaRay NM is vulnerable to a sudo privilege escalation vulnerability where a local attacker possessing administrative (local admin) privileges can escalate to full root privileges on the host. Successful exploitation results in root-level access to the filesystem and the ability to execute actions as root. The risk can be temporarily mitigated by restricting the set of commands permitted via sudo for the affected accounts.

AnalysisAI

Local privilege escalation in Nokia MantaRay NM (network management) lets an attacker who already holds local administrative privileges abuse a misconfigured sudo command set to obtain full root access on the host, gaining complete control of the filesystem and arbitrary root command execution. The flaw was reported by Nokia and affects versions prior to NM 25R1-NM, with no public exploit identified at time of analysis and a low EPSS exploitation probability of 0.17%.

Technical ContextAI

MantaRay NM is Nokia's element/network management platform deployed on a Linux-based host, where privileged operations are brokered through sudo. The weakness maps to CWE-269 (Improper Privilege Management): the sudoers policy grants the local-admin accounts the ability to run one or more commands as root that can in turn be leveraged to spawn an unrestricted root shell or modify root-owned files. This is the classic sudo-misconfiguration escalation pattern - an overly permissive allowed-command list (or a command that permits shell escape / arbitrary file write) collapses the boundary between the application's admin role and the underlying OS root account. The affected CPE is cpe:2.3:a:nokia:mantaray_nm:*:*:*:*:*:*:*:*.

RemediationAI

Upgrade Nokia MantaRay NM to release NM 25R1-NM or later, which is the fixed version per the EUVD affected-range data; consult Nokia's advisory at https://www.nokia.com/we-are-nokia/security/product-security-advisory/cve-2025-7406/ for the precise patch package and upgrade procedure. As a temporary mitigation explicitly endorsed by Nokia, restrict the set of commands permitted via sudo for the affected local-admin accounts - remove or narrow any sudoers entries allowing root execution of commands that permit shell escape or arbitrary file writes, and avoid wildcard or ALL grants; the trade-off is that legitimate administrative automation relying on those sudo commands may break and require re-scoping. Additionally limit which personnel hold MantaRay local-admin accounts and monitor sudo usage on the host until patched.

Share

CVE-2025-7406 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy