PatchSiren cyber security CVE debrief
CVE-2025-10262 Nokia CVE debrief
CVE-2025-10262 is a local privilege escalation vulnerability in Nokia SR Linux due to unsanitized format validation. An authenticated user could exploit this to execute arbitrary commands with superuser privileges.
- Vendor
- Nokia
- Product
- SR Linux
- CVSS
- MEDIUM 6.3
- CISA KEV
- Not listed in stored evidence
- Original CVE published
- 2026-06-16
- Original CVE updated
- 2026-06-16
- Advisory published
- 2026-06-16
- Advisory updated
- 2026-06-16
Who should care
Users of Nokia SR Linux should prioritize patching this vulnerability to prevent local privilege escalation attacks.
Technical summary
The vulnerability exists due to unsanitized format validation in Nokia SR Linux. This allows an authenticated user to potentially execute arbitrary commands with superuser privileges.
Defensive priority
high
Recommended defensive actions
- Apply patches or updates provided by Nokia to address the vulnerability.
- Restrict access to sensitive areas of the system to authenticated users only.
- Monitor system logs for suspicious activity indicative of exploitation attempts.
Evidence notes
Evidence suggests that Nokia has an advisory for this vulnerability (see resourceLinkAnnotations 'ref-4').
Official resources
-
CVE-2025-10262 CVE record
CVE.org
-
CVE-2025-10262 NVD detail
NVD
-
Source item URL
nvd_modified
-
Source reference
b48c3b8f-639e-4c16-8725-497bc411dad0
CVE-2025-10262 was published on 2026-06-16T06:16:57.063Z and has not been modified since then.