Open Radio Access Network (O-RAN) is a major advancement in the telecommunications field, providing standardized interfaces that promote interoperability between different vendors' technologies, thereby enhancing network flexibility and reducing operational expenses. By leveraging cutting-edge developments in network virtualization and artificial intelligence, O-RAN enhances operational efficiency and stimulates innovation within an open ecosystem. In the context of 6G, the potential capabilities of O-RAN have been significantly expanded, enabling ultra-reliable low-latency communication, terabit-level data rates, and seamless integration of terrestrial and non-terrestrial networks. Despite these benefits, its open architecture paradigm also brings critical security and privacy challenges, which, if not addressed, could compromise network integrity and data confidentiality. This paper conducts a comprehensive investigation into the security vulnerabilities and privacy issues associated with the O-RAN architecture in the context of the evolving 6G landscape, systematically categorizing fundamental vulnerabilities, meticulously examining potential attack vectors, and assessing current and future threats. In addition, this study also examines the existing and emerging security mechanisms of O-RAN and reviews the ongoing standardization activities aimed at strengthening the O-RAN security framework.

翻译：开放无线接入网（O-RAN）是电信领域的重大进步，通过提供标准化接口促进不同供应商技术之间的互操作性，从而增强网络灵活性并降低运营成本。利用网络虚拟化和人工智能领域的尖端发展，O-RAN提升了运营效率，并在开放生态系统中激发创新。在6G背景下，O-RAN的潜在能力得到显著扩展，支持超可靠低延迟通信、太比特级数据速率以及地面与非地面网络的无缝集成。然而，其开放架构范式也带来了关键的安全与隐私挑战，若未妥善解决，可能危及网络完整性与数据机密性。本文针对6G演进背景下O-RAN架构的安全漏洞与隐私问题开展全面研究，系统分类了基础性漏洞，细致审视了潜在攻击向量，并评估了当前及未来的威胁。此外，本研究还考察了O-RAN现有及新兴的安全机制，并回顾了旨在强化O-RAN安全框架的持续标准化活动。