Positive Technologies specialists Vladimir Razov and Alexander Ustinov discovered five vulnerabilities in Nokia’s NetAct system, which, if exploited, could affect the security and stability of providers. Nokia NetAct is used by more than 500 carriers worldwide to monitor and manage telecommunications networks, base stations, and other systems. In Russia, Nokia’s share of installed equipment is estimated to be 20-25%, and in the global market, the company holds a 9% share.
The most serious vulnerabilities, CVE-2023-26057 (BDU:2023-01307) and CVE-2023-26058 (BDU:2023-01306), both received a 5.8 score on the CVSS v3 scale. These XXE vulnerabilities allowed attackers with authorized access to the application to import XML files on the pages of the Nokia NetAct web interface, while the parser incorrectly processed external entities that were in the XML file. This could lead to data being read from the file system, as well as requests being sent on behalf of the computer on which NetAct is installed, due to missing input validation and misconfiguration of XML parsers.
The other three vulnerabilities were rated 5 out of 10. These included cross-site scripting (XSS) vulnerabilities due to insufficient input validation of certain data in the NetAct interface (CVE-2023-26061 (BDU:2023-01303)), the ability to download a ZIP file with certain parameters without checking its contents (CVE-2023-26059 (BDU:2023-01305)), and Cross-Site Template Injection (CSTI) (CVE-2023-26060 (BDU:2023-01304)).
The vulnerabilities were identified in NetAct 20 and NetAct 22. Users are now advised to install a patched version of the system – NetAct 22 FP2211 or newer – to protect against these threats.
