Skip to main content

Nokia Sr Linux

1 CVEs product

Monthly

CVE-2025-9912 MEDIUM PATCH This Month

Local privilege escalation in Nokia SR Linux (multiple release branches prior to 23.10.8, 24.10.6, and 25.7.2) allows an authenticated local user to execute arbitrary commands with superuser (root) privilege. Rooted in CWE-269 (Improper Privilege Management), this flaw enables a user who has already obtained a local session on the network OS to break out of their assigned privilege boundary and gain full control of the system. No public exploit code has been identified at time of analysis, and the vulnerability is not listed in the CISA KEV catalog; however, Nokia has confirmed a patch and self-reported the issue.

Privilege Escalation Nokia Nokia Sr Linux
NVD VulDB
CVSS 3.1
6.3
EPSS
0.2%
EPSS 0% CVSS 6.3
MEDIUM PATCH This Month

Local privilege escalation in Nokia SR Linux (multiple release branches prior to 23.10.8, 24.10.6, and 25.7.2) allows an authenticated local user to execute arbitrary commands with superuser (root) privilege. Rooted in CWE-269 (Improper Privilege Management), this flaw enables a user who has already obtained a local session on the network OS to break out of their assigned privilege boundary and gain full control of the system. No public exploit code has been identified at time of analysis, and the vulnerability is not listed in the CISA KEV catalog; however, Nokia has confirmed a patch and self-reported the issue.

Privilege Escalation Nokia Nokia Sr Linux
NVD VulDB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy