CVE-2025-7406 in MantaRay NM
Summary
by MITRE • 06/30/2026
Nokia MantaRay NM is vulnerable to a sudo privilege escalation vulnerability where a local attacker possessing administrative (local admin) privileges can escalate to full root privileges on the host. Successful exploitation results in root-level access to the filesystem and the ability to execute actions as root. The risk can be temporarily mitigated by restricting the set of commands permitted via sudo for the affected accounts.
Analysis
by VulDB Data Team • 06/30/2026
This vulnerability represents a critical privilege escalation flaw within Nokia MantaRay NM systems where local administrative users can escalate their privileges to root-level access. The underlying technical issue stems from improper sudo configuration that allows authenticated local users with administrative rights to execute arbitrary commands with elevated privileges. This weakness creates a direct pathway for attackers who have already compromised administrative accounts to gain complete system control. The vulnerability operates at the operating system level and directly violates the principle of least privilege by enabling unauthorized elevation of access rights. According to the CWE dictionary, this scenario maps to CWE-276, which describes improper permissions on critical resources, while the MITRE ATT&CK framework categorizes this under privilege escalation techniques with specific relevance to T1068 - Exploitation for Privilege Escalation.
The operational impact of this vulnerability extends far beyond a simple access control bypass, as it fundamentally compromises system integrity and confidentiality. Once an attacker achieves root privileges, they can manipulate system files, install persistent backdoors, modify security configurations, and access all data stored on the host system. The filesystem becomes completely exposed to unauthorized modifications, potentially leading to complete system compromise and data exfiltration. This vulnerability particularly affects enterprise environments where administrative accounts may be subject to various attack vectors including credential theft, social engineering, or initial compromise through other vulnerabilities. The risk is compounded by the fact that administrative accounts often have broader network access and may be used for lateral movement within compromised networks.
Mitigation strategies should focus on implementing strict sudo configuration policies that adhere to the principle of least privilege. Organizations must review and restrict the commands permitted via sudo for all administrative accounts, ensuring that only necessary operations are allowed with elevated privileges. This includes removing unnecessary sudo permissions and implementing more granular access controls through tools like sudoers file configurations. Additional protective measures should include regular security audits of sudo configurations, monitoring for unauthorized privilege escalation attempts, and implementing multi-factor authentication for administrative accounts. The solution aligns with industry best practices outlined in NIST SP 800-53 and ISO 27001 standards for access control management, which emphasize the importance of limiting administrative privileges to reduce attack surface and prevent lateral movement within compromised systems.
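The sudoers review described above can be partly automated. The following is an added example, not code from Nokia, MITRE or VulDB: a small auditor that flags sudoers rules granting an unrestricted command set. The account names, paths and sample policy are constructed for illustration and do not come from a MantaRay NM host.

```python
import re

# Constructed sample policy; accounts and paths are hypothetical.
SAMPLE_SUDOERS = """\
Defaults env_reset
nmadmin    ALL=(ALL) NOPASSWD: ALL
%operators ALL=(root) /usr/bin/systemctl restart example.service
backup     ALL=(root) ALL, !/bin/su
auditor    ALL=(root) NOPASSWD: /usr/bin/journalctl -u example.service
"""

RULE = re.compile(r"^(\S+)\s+(\S+?)\s*=\s*(.+)$")  # who host = spec
RUNAS = re.compile(r"^\(([^)]*)\)\s*")              # optional (runas) prefix
TAG = re.compile(r"^([A-Z_]+):\s*")                 # NOPASSWD:, NOEXEC:, ...

def audit_sudoers(text):
    """Return (line_no, who, issues) for rules broader than least privilege.
    Assumes one rule per line; aliases and #include are not expanded."""
    findings = []
    for line_no, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        m = RULE.match(line)
        if not m or line.startswith(("#", "Defaults")) or "_Alias" in m.group(1):
            continue
        who, _host, spec = m.groups()
        runas = RUNAS.match(spec)
        if runas:
            spec = spec[runas.end():]
        tags, cmds = set(), []
        for item in spec.split(","):
            item = item.strip()
            while (t := TAG.match(item)):   # strip tags, remember them
                tags.add(t.group(1))
                item = item[t.end():]
            cmds.append(item)
        issues = []
        if "ALL" in cmds:
            issues.append("unrestricted command set (ALL)")
            if "NOPASSWD" in tags:
                issues.append("no re-authentication (NOPASSWD)")
        if any(c.startswith("!") for c in cmds):
            issues.append("deny-list entry ('!'), which sudoers(5) warns is not effective against ALL")
        if issues:
            findings.append((line_no, who, issues))
    return findings

if __name__ == "__main__":
    for line_no, who, issues in audit_sudoers(SAMPLE_SUDOERS):
        print(f"line {line_no}: {who}: " + "; ".join(issues))
```

Rules that list explicit command paths, such as the %operators and auditor entries in the sample, pass the check; after any edit to the real policy, validate the file with visudo -c before relying on it.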