CVE-2025-0636
HIGHEricsson Site Controller 6610 < S24.Q2 and RAN Compute < 24.Q1.C5 - OS Command Injection
Title source: llmDescription
EMCLI contains a high severity vulnerability where improper neutralization of special elements used in an OS command could be exploited leading to Arbitrary Code Execution.
References (1)
Core 1
Core References
Scores
CVSS v3
8.4
EPSS
0.0027
EPSS Percentile
17.7%
Attack Vector
ADJACENT_NETWORK
CVSS:3.1/AV:A/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
no
Technical Impact
total
Details
CWE
CWE-78
Status
published
Products (2)
Ericsson/RAN Compute (all BB versions)
< 24.Q1.C5
Ericsson/Site Controller 6610
< S24.Q2
Published
Oct 13, 2025
Tracked Since
Feb 18, 2026