7.5
CVE-2025-8800
- EPSS 0.54%
- Veröffentlicht 10.08.2025 08:02:07
- Zuletzt bearbeitet 15.08.2025 09:15:31
- Quelle cna@vuldb.com
- CVE-Watchlists
- Unerledigt
LoginOpen5GS AMF esm-handler.c esm_handle_pdn_connectivity_request denial of service
A vulnerability has been found in Open5GS up to 2.7.5. Affected by this issue is the function esm_handle_pdn_connectivity_request of the file src/mme/esm-handler.c of the component AMF Component. The manipulation leads to denial of service. The attack may be launched remotely. Upgrading to version 2.7.6 is able to address this issue. The name of the patch is 701505102f514cbde2856cd2ebc9bedb7efc820d. It is recommended to upgrade the affected component.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.54% | 0.411 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.5 | 3.9 | 3.6 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
|
| cna@vuldb.com | 6.9 | 0 | 0 |
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
|
| cna@vuldb.com | 5.3 | 3.9 | 1.4 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
|
| cna@vuldb.com | 5 | 10 | 2.9 |
AV:N/AC:L/Au:N/C:N/I:N/A:P
|
CWE-404 Improper Resource Shutdown or Release
The product does not release or incorrectly releases a resource before it is made available for re-use.
https://github.com/open5gs/open5gs/releases/tag/v2.7.6
https://vuldb.com/?id.319328
https://vuldb.com/?ctiid.319328
https://vuldb.com/?submit.626113
https://github.com/open5gs/open5gs/issues/3980
https://github.com/open5gs/open5gs/issues/3980#issuecomment-3054894281
https://github.com/open5gs/open5gs/commit/701505102f514cbde2856cd2ebc9bedb7efc820d
https://github.com/ZHENGHAOHELLO/BugReport/blob/main/CVE-2025-8800