A **secure channel** referred in [RQ-4] and used in transportation is a cryptographically protected communication channel, that may be implemented with TLS. When TLS is used, manufacturer shall ensure that the channel uses appropriate cryptographic functions and configuration according to the requirements of the forseeable use. Manufacturer shall ensure that the channel can not be impaired by downgrading it [i.10].
## 5.3 Risk Mitigations
> **TODO**: Connect the technical security requirements in Section 5.2 to specific Risk Factors, and define these as sets of Risk Mitigations that will be referenced in section 6.
@@ -709,21 +707,30 @@ See the functions in [Section 4.7 Essential functions](#47-essential-functions).
| [CVE-2025-6763](https://www.cve.org/CVERecord?id=CVE-2025-6763) | Unauthorized configration modification | The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. |
| [CVE-2024-5245](https://nvd.nist.gov/vuln/detail/CVE-2024-5245) | Default Credentials Local Privilege Escalation | An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. [PoC](https://github.com/Abdurahmon3236/CVE-2024-5246) |
| CVE-2025-46274 | Hard-coded credentials | The NMS uses hard-coded credentials for the underlying Mongo database. Additionally, the Mongo service isn’t restricted to the local host. |
| CVE-2025-46271 | Command injection before auth | Didn't read. Maybe API endpoint open? [more](https://cybersecuritynews.com/cisa-warns-planet-technology-network-products/) |
| [CVE-2025-24937](https://www.nokia.com/about-us/security-and-privacy/product-security-advisory/cve-2025-24937/) | Local file modification and priviledge escalation | Abitary code execution with local access. |
| [CVE-2024-25010](https://www.ericsson.com/en/about-us/security/psirt/cve-2024-25010) | Improper input validation leading to arbitrary code execution | |
| [CVE-2022-48469](https://www.huawei.com/en/psirt/security-advisories/2023/huawei-sa-thvihr-7015cbae-en) | There is a traffic hijacking vulnerability in routers | Auth spoofing? |
| [CVE-2025-27212](https://cybersecuritynews.com/ubiquiti-unifi-devices-vulnerability/) | Device command injection | No authentication required and no user interaction needed |
> List assumptions that are relevant to the risk analysis for these threats. Everything is hackable if you try hard enough, but what risks can this product mitigate, and what must it delegate to other components or the operational environment? Some potential examples:
