Securing the Open RAN Infrastructure: Exploring Vulnerabilities in Kubernetes Deployments

arXiv:2405.01888v1 Announce Type: new
Abstract: In this paper, we investigate the security implications of virtualized and software-based Open Radio Access Network (RAN) systems, specifically focusing on the architecture proposed by the O-RAN ALLIANCE and O-Cloud deployments based on the O-RAN Software Community (OSC) stack and infrastructure. Our key findings are based on a thorough security assessment and static scanning of the OSC Near Real-Time RAN Intelligent Controller (RIC) cluster. We highlight the presence of potential vulnerabilities and misconfigurations in the …

access alliance architecture arxiv cloud community cs.cr findings infrastructure key kubernetes network radio security software stack systems vulnerabilities