CVE-2025-8800

Sažetak

A vulnerability was found in Open5GS up to 2.7.5. It has been rated as problematic. Affected by this issue is the function esm_handle_pdn_connectivity_request of the file src/mme/esm-handler.c of the component AMF Component. The manipulation leads to denial of service. The attack may be launched remotely. Upgrading to version 2.7.6 is able to address this issue. The name of the patch is 701505102f514cbde2856cd2ebc9bedb7efc820d. It is recommended to upgrade the affected component.

Reference

https://github.com/open5gs/open5gs/commit/701505102f514cbde2856cd2ebc9bedb7efc820d
https://github.com/open5gs/open5gs/issues/3980
https://github.com/open5gs/open5gs/issues/3980#issuecomment-3054894281
https://github.com/open5gs/open5gs/releases/tag/v2.7.6
https://vuldb.com/?ctiid.319328
https://vuldb.com/?id.319328
https://vuldb.com/?submit.626113

CVSS

Base:	5.0
Impact:	2.9
Exploitability:	10.0

Pristup

Vektor	Složenost	Autentikacija
NETWORK	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
NONE	NONE	PARTIAL

CVSS vektor

AV:N/AC:L/Au:N/C:N/I:N/A:P

Zadnje važnije ažuriranje

11-08-2025 - 18:32

Objavljeno

10-08-2025 - 08:15