3.3

CVE-2025-8698

Exploit

Open5GS AMF Service nsmf-handler.c amf_nsmf_pdusession_handle_release_sm_context assertion

A vulnerability was found in Open5GS up to 2.7.5. It has been classified as problematic. Affected is the function amf_nsmf_pdusession_handle_release_sm_context of the file src/amf/nsmf-handler.c of the component AMF Service. The manipulation leads to reachable assertion. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used. The name of the patch is 66bc558e417e70ae216ec155e4e81c14ae0ecf30. It is recommended to apply a patch to fix this issue.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Open5gsOpen5gs Version <= 2.7.5
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.18% 0.076
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
cna@vuldb.com 1.9 0 0
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
cna@vuldb.com 3.3 1.8 1.4
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
cna@vuldb.com 1.7 3.1 2.9
AV:L/AC:L/Au:S/C:N/I:N/A:P
CWE-617 Reachable Assertion

The product contains an assert() or similar statement that can be triggered by an attacker, which leads to an application exit or other behavior that is more severe than necessary.

https://vuldb.com/?id.319128
Third Party Advisory
VDB Entry
https://vuldb.com/?ctiid.319128
VDB Entry
Permissions Required
https://vuldb.com/?submit.621282
Third Party Advisory
VDB Entry
https://github.com/open5gs/open5gs/issues/4012
Third Party Advisory
Exploit
Issue Tracking
https://github.com/user-attachments/files/21356631/amf_nsmf_pdusession_handle_release_sm_context.zip
Not Applicable
https://github.com/open5gs/open5gs/commit/66bc558e417e70ae216ec155e4e81c14ae0ecf30
Product