CVE-2026-34484
A Shell Privilege Escalation vulnerability in Nokia 1830 Global Express (GX)

Public disclosure	2026-03-30
Last updated	2026-03-30
Vulnerability type	Shell Privilege Escalation
CVSS vector	CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
CVSS score	6.7

Description

Nokia 1830 Global Express GX is vulnerable to a local privilege escalation vulnerability which exists in the administrative shell interface. An authenticated local attacker with restricted shell access can exploit this vulnerability to bypass local security restrictions and gain root access on the device.

Affected products and versions

Nokia 1830 Global Express (GX) G42, GX G31, GX G32, GX G34 releases prior to GX r9.0.

Mitigation plan

Fixes have been provided in Nokia 1830 Global Express (GX) r9.0 and later releases.

Acknowledgements

Damiano Diego de Felice (Agenzia per la Cybersicurezza Nazionale (ACN))
Alessandro Esposito (Agenzia per la Cybersicurezza Nazionale (ACN))

References

Select your country

CVE-2026-34484
A Shell Privilege Escalation vulnerability in Nokia 1830 Global Express (GX)

Description

Affected products and versions

Mitigation plan

Acknowledgements

References

1830 Global Express (GX)

Looking for Nokia licensed products support?

Looking for Nokia licensed products support?

Select your country

CVE-2026-34484A Shell Privilege Escalation vulnerability in Nokia 1830 Global Express (GX)

Description

Affected products and versions

Mitigation plan

Acknowledgements

References

1830 Global Express (GX)

CVE-2026-34484
A Shell Privilege Escalation vulnerability in Nokia 1830 Global Express (GX)