Open5gs

Open5gs

114 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.9

CVE-2025-5520

Exploit
  • EPSS 0.19%
  • Veröffentlicht 03.06.2025 18:00:22
  • Zuletzt bearbeitet 09.06.2025 15:13:24

A vulnerability was found in Open5GS up to 2.7.3. It has been classified as problematic. Affected is the function gmm_state_authentication/emm_state_authentication of the component AMF/MME. The manipulation leads to reachable assertion. It is possibl...

6.9

CVE-2025-5501

Exploit
  • EPSS 0.26%
  • Veröffentlicht 03.06.2025 14:00:21
  • Zuletzt bearbeitet 13.06.2025 19:36:40

A vulnerability classified as problematic was found in Open5GS up to 2.7.3. Affected by this vulnerability is the function ngap_handle_path_switch_request_transfer of the file src/smf/ngap-handler.c of the component NGAP PathSwitchRequest Message Han...

7.5

CVE-2025-29339

Exploit
  • EPSS 0.16%
  • Veröffentlicht 22.04.2025 00:00:00
  • Zuletzt bearbeitet 19.06.2025 00:23:24

An issue in UPF in Open5GS UPF versions up to v2.7.2 results an assertion failure vulnerability in PFCP session parameter validation. When processing a PFCP Session Establishment Request with PDN Type=0, the UPF fails to handle the invalid value prop...

6.5

CVE-2025-25774

Exploit
  • EPSS 0.08%
  • Veröffentlicht 12.03.2025 00:00:00
  • Zuletzt bearbeitet 29.04.2025 15:04:59

An issue was discovered in Open5GS v2.7.2. When a UE switches between two gNBs and sends a handover request at a specific time, it may cause an exception in the AMF's internal state machine, leading to an AMF crash and resulting in a Denial of Servic...

7.5

CVE-2025-1925

Exploit
  • EPSS 0.85%
  • Veröffentlicht 04.03.2025 14:15:36
  • Zuletzt bearbeitet 23.06.2025 15:10:37

A vulnerability classified as problematic was found in Open5GS up to 2.7.2. Affected by this vulnerability is the function amf_nsmf_pdusession_handle_update_sm_context of the file src/amf/nsmf-handler.c of the component AMF. The manipulation leads to...

7.5

CVE-2025-1893

Exploit
  • EPSS 0.11%
  • Veröffentlicht 04.03.2025 01:15:11
  • Zuletzt bearbeitet 06.03.2025 12:21:35

A vulnerability was found in Open5GS up to 2.7.2. It has been declared as problematic. Affected by this vulnerability is the function gmm_state_authentication of the file src/amf/gmm-sm.c of the component AMF. The manipulation leads to denial of serv...

7.5

CVE-2024-56921

Exploit
  • EPSS 0.3%
  • Veröffentlicht 03.02.2025 20:15:33
  • Zuletzt bearbeitet 22.04.2025 14:58:46

An issue was discovered in Open5gs v2.7.2. InitialUEMessage, Registration request sent at a specific time can crash AMF due to incorrect error handling of gmm_state_exception() function upon receipt of the Nausf_UEAuthentication_Authenticate response...

7.5

CVE-2024-57519

Exploit
  • EPSS 0.6%
  • Veröffentlicht 28.01.2025 23:15:08
  • Zuletzt bearbeitet 30.04.2025 16:42:42

An issue in Open5GS v.2.7.2 allows a remote attacker to cause a denial of service via the ogs_dbi_auth_info function in lib/dbi/subscription.c file.

8.6

CVE-2024-24429

Exploit
  • EPSS 0.25%
  • Veröffentlicht 22.01.2025 16:15:28
  • Zuletzt bearbeitet 22.04.2025 17:27:25

A reachable assertion in the nas_eps_send_emm_to_esm function of Open5GS <= 2.6.4 allows attackers to cause a Denial of Service (DoS) via a crafted NGAP packet.

7.5

CVE-2024-24430

Exploit
  • EPSS 0.32%
  • Veröffentlicht 22.01.2025 15:15:12
  • Zuletzt bearbeitet 22.04.2025 17:27:09

A reachable assertion in the mme_ue_find_by_imsi function of Open5GS <= 2.6.4 allows attackers to cause a Denial of Service (DoS) via a crafted NAS packet.