CNNVD-202510-1696 Information

CNNVD ID

CNNVD-202510-1696

Related CVE

CVE-2025-0636

• CNNVD Published: 2025-10-13

Description (Chinese)

Ericsson RAN Compute和Ericsson Site Controller 6610都是瑞典爱立信（Ericsson）公司的产品。Ericsson RAN Compute是一款云原生软件解决方案，用于处理RAN中的计算功能。Ericsson Site Controller 6610是一个站点应用智能电源管理控制器。 Ericsson RAN Compute和Ericsson Site Controller 6610存在安全漏洞，该漏洞源于EMCLI对OS命令中特殊元素中和不当，可能导致执行任意代码。

Description (English)

Ericsson RAN Company and Ericsson Site Contractor 6610 are products of Ericsson Sweden. Ericsson RAN Company is a cloud-based software solution that handles the computational functions in RAN. Ericsson Site Contractor 6610 is a site-based smart power management controller. There is a security loophole in Ericsson RAN Compute and Ericsson Site Contractor 6610, which stems from the misalignment of special elements in the EMCLI against OS command, which may lead to the enforcement of arbitrary codes.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

爱立信

Published

2025-10-13

Last Modified

2026-02-24

References

https://www.ericsson.com/en/about-us/security/psirt/cve-2025-0636

Patch

https://www.ericsson.com/en/about-us/security/psirt/cve-2025-0636