Overview
- Description
- The bootloader in the Nokia ASIK AirScale system module (versions 474021A.101 and 474021A.102) loads public keys for firmware verification signature. If an attacker modifies the flash contents to corrupt the keys, secure boot could be permanently disabled on a given device.
- Source
- ics-cert@hq.dhs.gov
- NVD status
- Modified
Risk scores
CVSS 3.1
- Type
- Primary
- Base score
- 7.1
- Impact score
- 5.2
- Exploitability score
- 1.8
- Vector string
- CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
- Severity
- HIGH
Weaknesses
- ics-cert@hq.dhs.gov
- CWE-1282
Social media
- Hype score
- Not currently trending
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:nokia:asik_airscale_474021a.102_firmware:-:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "CB6EED50-DC10-46C4-905F-45D7E92B8AA3"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:nokia:asik_airscale_474021a.102:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "5F80584F-0E62-459D-8DEC-59D9CA01C0E9"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:nokia:asik_airscale_474021a.101_firmware:-:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "248B23EE-D2EE-4B6A-9FD6-C059E1709968"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:nokia:asik_airscale_474021a.101:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "A685A9FC-9938-49D3-A71C-89E8E88F3770"
}
],
"operator": "OR"
}
],
"operator": "AND"
}
]