CVE Catalog

CVE-2025-7406

HighCVSS 7.8
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.17%

7th percentile — higher than 7% of all known CVEs

Summary

A vulnerability in Nokia MantaRay NM allows a local attacker with local admin privileges to escalate to full root privileges on the host. Successful exploitation results in root-level filesystem access and the ability to execute actions as root.

Risk Assessment

The risk involves complete system compromise by a privileged user, potentially leading to unauthorized access to sensitive data and full control over the infrastructure.

Recommendation

It is recommended to restrict the set of commands permitted via sudo for affected accounts as a temporary mitigation. Apply the official patch from the vendor as soon as it becomes available.

Original NVD description (English source)

Nokia MantaRay NM is vulnerable to a sudo privilege escalation vulnerability where a local attacker possessing administrative (local admin) privileges can escalate to full root privileges on the host. Successful exploitation results in root-level access to the filesystem and the ability to execute actions as root. The risk can be temporarily mitigated by restricting the set of commands permitted via sudo for the affected accounts.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS