CVE-2025-9912
A local privilege escalation vulnerability in Nokia SR Linux

Public disclosure	27-05-2026
Last updated	27-05-2026
Vulnerability type	Local Privilege Escalation
CVSS vector	CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:H/A:H
CVSS score	6.3

Description

Nokia SR Linux is vulnerable to a local privilege escalation vulnerability. Successful exploitation of this vulnerability may allow an authenticated user to execute arbitrary commands with superuser privilege.

Affected products and versions

All SR Linux versions earlier than 23.10.8, 24.10.6, 25.7.2 (exclusive).

Hardware platforms running SR Linux:

7215 IXS
7220 IXR
7250 IXR
7730 SXR

Mitigation plan

Fixes have been provided in SR Linux 23.10.8. 24.10.6, 25.7.2, and later releases.

References

Engineer working on laptop connected to servers

Select your country

CVE-2025-9912
A local privilege escalation vulnerability in Nokia SR Linux

Description

Affected products and versions

Mitigation plan

References

Service Router Linux (SR Linux)

Select your country

CVE-2025-9912A local privilege escalation vulnerability in Nokia SR Linux

Description

Affected products and versions

Mitigation plan

References

Service Router Linux (SR Linux)

CVE-2025-9912
A local privilege escalation vulnerability in Nokia SR Linux