What is CVE-2022-2483?

CVE-2022-2483 is a high-severity vulnerability in Nokia Asik Airscale, classified under CWE-1282. CVSS score: 8.4/10. Published 2023-01-06.

How severe is CVE-2022-2483?

High severity. CVSS v3 base score is 8.4 out of 10.

Vulnerability in Nokia Asik Airscale

CVE-2022-2483

The bootloader in the Nokia ASIK AirScale system module (versions 474021A.101 and 474021A.102) loads public keys for firmware verification signature. If an attacker modifies the flash contents to corrupt the keys, secure boot could be per…

EPSS: 0.001 (17.7th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 8.4 (High). Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:H.

Affected products

Nokia Asik Airscale — versions 474021A.101, 474021A.102

Weakness classification (CWE)

CWE-1282

References

www.cisa.gov/uscert/ics/advisories/icsa-22-307-02 (government-resource)

Frequently asked questions

What is CVE-2022-2483?: CVE-2022-2483 is a high-severity vulnerability in Nokia Asik Airscale, classified under CWE-1282. CVSS score: 8.4/10. Published 2023-01-06.
How severe is CVE-2022-2483?: High severity. CVSS v3 base score is 8.4 out of 10.