← Telia Company cases
Bugzilla #1999296 Certificate Problem Report

Telia: Findings in 2025 ETSI Audit - Incident Report #1 – Vulnerability management

RESOLVED FIXED Telia Company
AI Summary

Telia Company reported a non-conformity regarding the timely remediation of critical vulnerabilities identified during a penetration test on October 13, 2025. The vulnerabilities, affecting the Apache HTTP server used for S/MIME certificate management, were not addressed within the required 48-hour timeframe as mandated by ETSI EN 319 401. The incident was disclosed following an audit session on November 5, 2025, and a full incident report was submitted by November 21, 2025. Telia has since implemented corrective actions, including updating their software management processes and conducting training for relevant personnel.

Model: gpt-4o-mini Generated: 2026-06-13 20:51 UTC Confidence: 0.90
Chronology
  1. Vulnerability scan performed.
  2. Review of vulnerability scan report.
  3. Non-conformity start date.
  4. Auditor identifies findings.
  5. Non-compliance verified.
  6. Full incident report submitted.
Participants
Antti Backman
External References
Original Bugzilla Case bugzilla.mozilla.org bugzilla.mozilla.org bugzilla.mozilla.org bugzilla.mozilla.org
Related Bugzilla IDs Mentioned
#1983272 #1972158 #1906028 #1955721
Similar Local Cases
#2012934 RESOLVED Certificate Problem Report Opened 2026-01-28 · Closed 2026-02-26 · 58% similar
Telia: Inccorrect CRL URL on a Root CA record in CCADB
AI Summary CA Owner
#1896553 RESOLVED Certificate Problem Report Opened 2024-05-14 · Closed 2025-02-12 · 56% similar
Telia: Delayed revocation of seven (7) certificates related to incident 1896108
AI Summary CA Owner
#1940957 RESOLVED Certificate Problem Report Opened 2025-01-10 · Closed 2025-06-20 · 56% similar
Telia: TLS OV certificate with subject countryName and localityName mismatch
AI Summary CA Owner
#1614311 RESOLVED Certificate Problem Report Opened 2020-02-10 · Closed 2024-06-30 · 51% similar
Telia: Two Intermediate CA certificates not listed in audit report
AI Summary CA Owner
#1689589 RESOLVED Certificate Problem Report Opened 2021-01-29 · Closed 2023-02-22 · 51% similar
Telia: Disallowed curve (P-521) in leaf certificate
AI Summary CA Owner
#1637854 RESOLVED Certificate Problem Report Opened 2020-05-14 · Closed 2023-02-22 · 50% similar
Telia: AIA CA Issuer field pointing to PEM encoded cert
AI Summary CA Owner
#1738207 RESOLVED Certificate Problem Report Opened 2021-10-28 · Closed 2023-02-22 · 50% similar
Telia: Issued three precertificates with non-NIST EC curve
AI Summary CA Owner
#1674536 RESOLVED Certificate Problem Report Opened 2020-10-31 · Closed 2023-02-22 · 49% similar
Telia: Certificates with RSA keys where modulus is not divisible by 8
AI Summary CA Owner

We use only essential cookies and local browser storage for preferences and security. See our Privacy Policy for details.

Confirm action