CVE-2026-34484
Shell Privilege Escalation in GX G42

Public disclosure	30-03-2026
Last updated	30-03-2026
Vulnerability type	Shell Privilege Escalation
CVSS vector	CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
CVSS score	6.7 (Medium)

Description

A local privilege escalation of vulnerability exists in the administrative shell interface. An authenticated local attacker with restricted shell access can exploit this vulnerability to bypass local security restrictions and gain root access on the device.

Affected products and versions

Affected Products: Nokia GX G42, GX G31, GX G32, GX G34
Affected Releases: All releases prior to GX r9.0

Mitigation plan

GX r9.0 onwards

Acknowledgements

Damiano Diego de Felice (Agenzia per la Cybersicurezza Nazionale (ACN))
Alessandro Esposito (Agenzia per la Cybersicurezza Nazionale (ACN))

References

Select your country

CVE-2026-34484
Shell Privilege Escalation in GX G42

Description

Affected products and versions

Mitigation plan

Acknowledgements

References

Product Security Advisory

Looking for Nokia licensed products support?

Looking for Nokia licensed products support?

Select your country

CVE-2026-34484Shell Privilege Escalation in GX G42

Description

Affected products and versions

Mitigation plan

Acknowledgements

References

Product Security Advisory

CVE-2026-34484
Shell Privilege Escalation in GX G42