A heap-based buffer overflow vulnerability in LTE base station software allows remote attackers to execute arbitrary code by sending malformed RRC messages. The vulnerability occurs in the message parsing routine when processing oversized information elements.
Remote code execution on LTE base stations, potential disruption of cellular communications, unauthorized access to network infrastructure, and possible manipulation of user traffic.
Apply security patch v7.3.0 immediately. Implement input validation for all RRC message processing. Consider deploying network-level firewalls to filter malformed LTE protocol traffic.