{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2025-7406", "assignerOrgId": "b48c3b8f-639e-4c16-8725-497bc411dad0", "state": "PUBLISHED", "assignerShortName": "Nokia", "dateReserved": "2025-07-10T06:10:12.822Z", "datePublished": "2026-06-30T08:59:58.941Z", "dateUpdated": "2026-06-30T13:31:51.576Z"}, "containers": {"cna": {"title": "A Sudo Privilege Escalation Vulnerability in Nokia MantaRay NM", "descriptions": [{"lang": "en", "value": "Nokia MantaRay NM is vulnerable to a sudo privilege escalation vulnerability where a local attacker possessing administrative (local admin) privileges can escalate to full root privileges on the host. Successful exploitation results in root-level access to the filesystem and the ability to execute actions as root. The risk can be temporarily mitigated by restricting the set of commands permitted via sudo for the affected accounts."}], "affected": [{"vendor": "Nokia", "product": "MantaRay NM", "versions": [{"version": "<NM 25R1-NM", "status": "affected"}, {"version": "\u2265NM 25R1-NM", "status": "unaffected"}]}], "references": [{"url": "https://www.nokia.com/we-are-nokia/security/product-security-advisory/cve-2025-7406/", "name": "Nokia Product Security Advisory"}], "providerMetadata": {"orgId": "b48c3b8f-639e-4c16-8725-497bc411dad0", "shortName": "Nokia", "dateUpdated": "2026-06-30T08:59:58.941Z"}, "x_generator": {"engine": "cveClient/1.0.15"}}, "adp": [{"problemTypes": [{"descriptions": [{"type": "CWE", "cweId": "CWE-269", "lang": "en", "description": "CWE-269 Improper Privilege Management"}]}], "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.8, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"timestamp": "2026-06-30T13:31:19.958711Z", "id": "CVE-2025-7406", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-06-30T13:31:51.576Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.8, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2025-7406", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2026-06-30T13:31:19.958711Z"}}}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-269", "description": "CWE-269 Improper Privilege Management"}]}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-06-30T13:31:47.476Z"}}], "cna": {"title": "A Sudo Privilege Escalation Vulnerability in Nokia MantaRay NM", "affected": [{"vendor": "Nokia", "product": "MantaRay NM", "versions": [{"status": "affected", "version": "<NM 25R1-NM"}, {"status": "unaffected", "version": "\u2265NM 25R1-NM"}]}], "references": [{"url": "https://www.nokia.com/we-are-nokia/security/product-security-advisory/cve-2025-7406/", "name": "Nokia Product Security Advisory"}], "x_generator": {"engine": "cveClient/1.0.15"}, "descriptions": [{"lang": "en", "value": "Nokia MantaRay NM is vulnerable to a sudo privilege escalation vulnerability where a local attacker possessing administrative (local admin) privileges can escalate to full root privileges on the host. Successful exploitation results in root-level access to the filesystem and the ability to execute actions as root. The risk can be temporarily mitigated by restricting the set of commands permitted via sudo for the affected accounts."}], "providerMetadata": {"orgId": "b48c3b8f-639e-4c16-8725-497bc411dad0", "shortName": "Nokia", "dateUpdated": "2026-06-30T08:59:58.941Z"}}}, "cveMetadata": {"cveId": "CVE-2025-7406", "state": "PUBLISHED", "dateUpdated": "2026-06-30T13:31:51.576Z", "dateReserved": "2025-07-10T06:10:12.822Z", "assignerOrgId": "b48c3b8f-639e-4c16-8725-497bc411dad0", "datePublished": "2026-06-30T08:59:58.941Z", "assignerShortName": "Nokia"}, "dataVersion": "5.2"}

{}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "[0,NM 25R1-NM)"}}, {"platform": null, "status": "unaffected", "versions": {"scheme": "generic", "value": "[NM 25R1-NM,*]"}}], "enrichment": {"confidence": 100.0, "confidence_source": "matching", "scores": [{"score": 100.0, "source": "matching"}]}, "original": {"product": "MantaRay NM", "source": "cna", "vendor": "Nokia"}, "product": "mantaray_nm", "vendor": "nokia"}], "created": "2026-06-30T10:30:11.485589+00:00", "updated": "2026-06-30T14:45:14.496939+00:00", "vendors": ["nokia", "nokia$PRODUCT$mantaray_nm"]}