/cve/cve-2023-49565


During my work at Orange I manage to find some vulnerabilities on a sensitive Nokia asset.
I can't disclose informations since Nokia has not published on public canals those informations yet.
  • Mitre: CVE-2023-49564
  • I can say that it is a set of three vulnerabilities
    - CVE-2023-49564
    - CVE-2023-29467
    - CVE-2023-49565
    That are criticals, CVSS:8.8 up to CVSS:9.0 and they are a chain of 1 authentication bypass and 2 Remote Code Execution resulting in root access on the asset.

    And I am glad to have joined the Nokia Hall of Fame for these findings