Can you explain this vulnerability to me?

CVE-2025-41067 is a reachable assertion vulnerability in Open5GS versions up to 2.7.5 that affects the NRF (Network Repository Function) component. Attackers with network access to the NRF can send a Service-Based Interface (SBI) request that deletes the NRF's own registry. This triggers an assertion check that crashes the NRF process, causing the discovery service to become unavailable and resulting in a denial of service. [2]

Useful 0 Not Useful 0

How can this vulnerability impact me? :

This vulnerability can cause a denial of service (DoS) by crashing the NRF process in Open5GS, which makes the discovery service unavailable. This disruption can affect the stability and availability of the 5G core network services relying on the NRF, potentially leading to network outages or degraded service performance. [2]

Useful 0 Not Useful 0

How can this vulnerability be detected on my network or system? Can you suggest some commands?

This vulnerability can be detected by monitoring for abnormal crashes or denial of service conditions in the NRF component of Open5GS, especially after receiving SBI requests that attempt to delete the NRF's own registry. Network traffic analysis tools can be used to detect suspicious SBI requests targeting the NRF. Specific commands are not provided in the available resources. [2]

Useful 0 Not Useful 0

What immediate steps should I take to mitigate this vulnerability?

The immediate mitigation step is to upgrade Open5GS to version 2.7.5 or later, where this vulnerability has been fixed. Additionally, restricting network access to the NRF component to trusted entities only can help reduce the attack surface. [1, 2]

Useful 0 Not Useful 0