CVE-2025-15532

Exploit

EPSS 0.98%
Veröffentlicht 17.01.2026 16:32:07
Zuletzt bearbeitet 23.02.2026 09:16:28
Quelle cna@vuldb.com
CVE-Watchlists
Login
Unerledigt
Login

Open5GS Timer resource consumption

A security flaw has been discovered in Open5GS up to 2.7.5. This issue affects some unknown processing of the component Timer Handler. The manipulation results in resource consumption. The attack may be performed from remote. The exploit has been released to the public and may be used for attacks. The patch is identified as c7c131f8d2cb1195ada5e0e691b6868ebcd8a845. It is best practice to apply a patch to resolve this issue.

Betroffene Produkte Warnungen 0 Metriken 5 CWE 2 Referenzen 15

NVD 1 VulnDex Vulnerability Enrichment 1

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Open5gs ≫ Open5gs Version <= 2.7.5

VulnDex Vulnerability Enrichment

Diese Information steht angemeldeten Benutzern zur Verfügung.

Zu dieser CVE wurde keine Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.98%	0.576

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	7.5	3.9	3.6	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
cna@vuldb.com	5.5	0	0	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
cna@vuldb.com	5.3	3.9	1.4	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
cna@vuldb.com	5	10	2.9	AV:N/AC:L/Au:N/C:N/I:N/A:P

CWE-400 Uncontrolled Resource Consumption

The product does not properly control the allocation and maintenance of a limited resource, thereby enabling an actor to influence the amount of resources consumed, eventually leading to the exhaustion of available resources.

CWE-404 Improper Resource Shutdown or Release

The product does not release or incorrectly releases a resource before it is made available for re-use.

https://vuldb.com/?id.341599

Third Party Advisory

VDB Entry

https://vuldb.com/?ctiid.341599

VDB Entry

Permissions Required

https://vuldb.com/?submit.729354

Third Party Advisory

VDB Entry

https://vuldb.com/?submit.729357

Third Party Advisory

VDB Entry

https://github.com/open5gs/open5gs/issues/4220

Vendor Advisory

Exploit

Issue Tracking

https://github.com/open5gs/open5gs/issues/4221

Vendor Advisory

Exploit

Issue Tracking

https://github.com/open5gs/open5gs/issues/4220#issue-3766066853

Vendor Advisory

Exploit

Issue Tracking

https://github.com/open5gs/open5gs/commit/c7c131f8d2cb1195ada5e0e691b6868ebcd8a845

Patch

https://github.com/open5gs/open5gs/

https://vuldb.com/?submit.735340

https://vuldb.com/?submit.735341

https://vuldb.com/?submit.735342

https://nvd.nist.gov/vuln/detail/CVE-2025-15532

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2025-15532

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2025-15532

EUVD

Team-orientierte Vulnerability Management Plattform

Features der Plattform

CVE-2025-15532