CVE-2025-7406

HIGH

CVSS v3.1: 7.8 · EPSS: 0.0017 (6.6 percentile)

No user interactionPrivilege ManagementVendor advisory ref

Source data as of:

At a glance

Severity
HIGH
CVSS
7.8 v3.1 · NVD
EPSS
0.0017 (6.6 percentile) · FIRST.org
CISA KEV
No
Type
Privilege Management · NVD CWE
Attack conditions (CVSS vector)
No user interaction · Source: NVD Vector
Published
2026-06-30 · Modified: 2026-06-30

CVSS / EPSS / KEV

CVSS v3.1 7.8 / 10 HIGH Source: NVD
EPSS 0.0017 6.6 percentile Source: FIRST.org
CISA KEV No Source: CISA

Source — CVSS: NVD · EPSS: FIRST.org · KEV: CISA. Data & Sources

Description

Nokia MantaRay NM is vulnerable to a sudo privilege escalation vulnerability where a local attacker possessing administrative (local admin) privileges can escalate to full root privileges on the host. Successful exploitation results in root-level access to the filesystem and the ability to execute actions as root. The risk can be temporarily mitigated by restricting the set of commands permitted via sudo for the affected accounts.

Record details

CVE ID
CVE-2025-7406
CVSS (v3.1)
7.8 (HIGH)
Vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Exploitability subscore
1.8
Impact subscore
5.9
EPSS
0.0017 (6.6 percentile) — 2026-07-01
CISA KEV
No
Weakness (CWE)
CWE-269
Affected configurations (CPE)
0
Published
2026-06-30
Modified
2026-06-30
Status
Undergoing Analysis

References

Reference URLs as listed by NVD, grouped by a mechanical match on the link's host/pattern. Labels describe the link type only.