Securing the Open RAN Infrastructure: Exploring Vulnerabilities in Kubernetes Deployments

TL;DR

This paper assesses security vulnerabilities in Kubernetes-based Open RAN systems, identifying misconfigurations and outdated software, and proposes methods to enhance the security and robustness of the virtualization infrastructure.

Contribution

It provides a detailed security assessment of O-RAN Kubernetes deployments, highlighting vulnerabilities and proposing practical hardening and security evaluation methodologies.

Findings

Detected vulnerabilities due to outdated software packages

Identified misconfigurations in Kubernetes supporting RIC

Proposed security hardening and deployment evaluation methods

Abstract

In this paper, we investigate the security implications of virtualized and software-based Open Radio Access Network (RAN) systems, specifically focusing on the architecture proposed by the O-RAN ALLIANCE and O-Cloud deployments based on the O-RAN Software Community (OSC) stack and infrastructure. Our key findings are based on a thorough security assessment and static scanning of the OSC Near Real-Time RAN Intelligent Controller (RIC) cluster. We highlight the presence of potential vulnerabilities and misconfigurations in the Kubernetes infrastructure supporting the RIC, also due to the usage of outdated versions of software packages, and provide an estimation of their criticality using various deployment auditing frameworks (e.g., MITRE ATT&CK and the NSA CISA). In addition, we propose methodologies to minimize these issues and harden the Open RAN virtualization infrastructure. These encompass the integration of security evaluation methods into the deployment process, implementing deployment hardening measures, and employing policy-based control for RAN components. We emphasize the need to address the problems found in order to improve the overall security of virtualized Open RAN systems.