CVE-2022-2483

Description

The bootloader in the Nokia ASIK AirScale system module (versions 474021A.101 and 474021A.102) loads public keys for firmware verification signature. If an attacker modifies the flash contents to corrupt the keys, secure boot could be permanently disabled on a given device.

CVSS Version 3.1

nvd
CVE ID: CVE-2022-2483
Base Score: 7.1
Base Severity: HIGH
Vector String:CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
Impact Score: 5.2
Exploitability Score: 1.8

hq.dhs
CVE ID: CVE-2022-2483
Base Score: 8.4
Base Severity: HIGH
Vector String:CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:H
Impact Score: 5.8
Exploitability Score: 2.0

Content on GitHub

convisolabs | watchers:22

CVE-2022-24834

Refrence: GitHub

DukeSec97 | watchers:0

CVE-2022-24834-

Refrence: GitHub

Refrence: NVD MITRE

Description​

Content on GitHub​

Description

Content on GitHub