CVE-2025-60633
BaseFortify
Publication date: 2025-11-24
Last updated on: 2025-12-01
Assigner: MITRE
Description
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| free5gc | free5gc | 4.0.0 |
| free5gc | free5gc | 4.0.1 |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-1287 | The product receives input that is expected to be of a certain type, but it does not validate or incorrectly validates that the input is actually of the expected type. |
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2025-60633 is an error-handling defect in the free5GC UDM (Unified Data Management) network function, in its implementation of the Nudm_SubscriberDataManagement (Nudm_SDM) service. When a consumer NF sends a GET for a UE ID (SUPI) that is not provisioned, the UDM looks the subscriber up in the UDR (Unified Data Repository). The UDR answers 404 Not Found, but the UDM's OpenAPI client does not recognise that reply as the typed error it is (the issue is classified as CWE-1287, improper validation of the input's type), so the failure falls through to a generic handler and the consumer receives 500 Internal Server Error instead of the 404 the API contract specifies. Affected releases are free5GC 4.0.0 and 4.0.1. [1]
How can this vulnerability impact me?
The documented impact is on availability and reliability: a lookup of an unprovisioned subscriber, which an AMF or other consumer NF performs in normal operation, makes the UDM answer 500 Internal Server Error. Consumers treat 404 and 500 differently: 404 means "no such subscriber", while 500 signals a failure of the producer itself and, depending on the consumer's error handling, can trigger retries or NF re-selection, so the wrong status code turns a harmless lookup into apparent UDM instability. Anyone who can reach the Nudm_SDM interface can trigger it at will with requests for unknown SUPIs. The page records no confidentiality or integrity impact for this issue. [1]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
There are two checks. First, the version: free5GC 4.0.0 and 4.0.1 are listed as affected. Second, the behavioural test: send a GET to the Nudm_SDM endpoint `/nudm-sdm/v2/{ueId}/id-translation-result` for a UE ID that is well-formed but not provisioned, for example a SUPI in the `imsi-<MCC><MNC><MSIN>` form that does not exist in your UDR. Use a well-formed identifier rather than an arbitrary string, because a malformed ueId can be rejected with 400 Bad Request before any UDR lookup happens and would not exercise the defect. From a host that can reach the UDM's SBI interface (free5GC's default SBI port is 8000): `curl -i -X GET http://<udm-host>:8000/nudm-sdm/v2/imsi-208930000000999/id-translation-result`. A 404 Not Found is the correct answer; a 500 Internal Server Error (typically with an `application/problem+json` body) indicates the issue. If the SBI is served over cleartext HTTP/2 (h2c), add `--http2-prior-knowledge` to the curl command; if your deployment enforces OAuth2 access tokens on the SBI, include a valid token, otherwise the request fails for an unrelated reason and the result is inconclusive. [1]
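The following Go program is an added illustration, not free5GC's code. It models the failure pattern described above (a UDM handler that collapses every error from its UDR client, including a plain 404, into a generic 500) next to a hardened handler that checks the concrete error type before choosing a status, and it implements the detection probe from the answer above as a function so both handlers can be exercised against a constructed in-process UDR stub. The Nudr path, the `ProblemDetails` causes, the handler layout and the SUPIs are assumptions chosen for the example; only the `/nudm-sdm/v2/{ueId}/id-translation-result` route and the 404-versus-500 behaviour come from the page.

```go
package main

import (
	"encoding/json"
	"errors"
	"fmt"
	"io"
	"net/http"
	"net/http/httptest"
	"strings"
)

// ProblemDetails is the 3GPP SBI error body (TS 29.500) returned by UDR and UDM.
type ProblemDetails struct {
	Status int    `json:"status"`
	Cause  string `json:"cause,omitempty"`
}

// UDRError is a typed error for any non-2xx UDR reply, so the UDM can
// distinguish "subscriber not found" from a real backend failure.
type UDRError struct {
	StatusCode int
	Problem    ProblemDetails
}

func (e *UDRError) Error() string { return fmt.Sprintf("udr: %d %s", e.StatusCode, e.Problem.Cause) }

// queryUDR fetches identity data for ueID. The Nudr path is a hypothetical
// simplification, not free5GC's exact route.
func queryUDR(udrBase, ueID string) (map[string]any, error) {
	resp, err := http.Get(udrBase + "/nudr-dr/v2/subscription-data/" + ueID + "/identity-data")
	if err != nil {
		return nil, err
	}
	defer resp.Body.Close()
	body, _ := io.ReadAll(resp.Body)
	if resp.StatusCode != http.StatusOK {
		e := &UDRError{StatusCode: resp.StatusCode}
		_ = json.Unmarshal(body, &e.Problem) // best effort: body may not be ProblemDetails
		return nil, e
	}
	var rec map[string]any
	if err := json.Unmarshal(body, &rec); err != nil {
		return nil, err
	}
	return rec, nil
}

func writeProblem(w http.ResponseWriter, status int, cause string) {
	w.Header().Set("Content-Type", "application/problem+json")
	w.WriteHeader(status)
	_ = json.NewEncoder(w).Encode(ProblemDetails{Status: status, Cause: cause})
}

// ueIDFromPath extracts {ueId} from /nudm-sdm/v2/{ueId}/... .
func ueIDFromPath(p string) string {
	return strings.SplitN(strings.TrimPrefix(p, "/nudm-sdm/v2/"), "/", 2)[0]
}

// vulnerableHandler reproduces the reported behaviour: every error from the
// UDR client, a plain 404 included, becomes a generic 500.
func vulnerableHandler(udrBase string) http.HandlerFunc {
	return func(w http.ResponseWriter, r *http.Request) {
		rec, err := queryUDR(udrBase, ueIDFromPath(r.URL.Path))
		if err != nil {
			writeProblem(w, http.StatusInternalServerError, "SYSTEM_FAILURE")
			return
		}
		_ = json.NewEncoder(w).Encode(rec)
	}
}

// hardenedHandler checks the concrete error type (the CWE-1287 point) and
// forwards the UDR's 404 as 404; only unexpected errors become 500.
func hardenedHandler(udrBase string) http.HandlerFunc {
	return func(w http.ResponseWriter, r *http.Request) {
		rec, err := queryUDR(udrBase, ueIDFromPath(r.URL.Path))
		var ue *UDRError
		switch {
		case err == nil:
			_ = json.NewEncoder(w).Encode(rec)
		case errors.As(err, &ue) && ue.StatusCode == http.StatusNotFound:
			writeProblem(w, http.StatusNotFound, "USER_NOT_FOUND")
		default:
			writeProblem(w, http.StatusInternalServerError, "SYSTEM_FAILURE")
		}
	}
}

// Probe is the detection check from the text: GET id-translation-result for a
// well-formed but unprovisioned SUPI and classify the status code.
func Probe(udmBase, ueID string) (int, string, error) {
	resp, err := http.Get(udmBase + "/nudm-sdm/v2/" + ueID + "/id-translation-result")
	if err != nil {
		return 0, "", err
	}
	resp.Body.Close()
	switch resp.StatusCode {
	case http.StatusNotFound:
		return resp.StatusCode, "404: unknown UE handled correctly", nil
	case http.StatusInternalServerError:
		return resp.StatusCode, "500 on unknown UE: matches CVE-2025-60633", nil
	}
	return resp.StatusCode, "inconclusive (malformed ueId, auth failure or known UE?)", nil
}

// fakeUDR is a constructed stand-in that knows exactly one SUPI.
func fakeUDR() *httptest.Server {
	return httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		if strings.Contains(r.URL.Path, "/imsi-208930000000001/") {
			_ = json.NewEncoder(w).Encode(map[string]any{"supi": "imsi-208930000000001"})
			return
		}
		writeProblem(w, http.StatusNotFound, "USER_NOT_FOUND")
	}))
}

func main() {
	udr := fakeUDR()
	defer udr.Close()
	for name, h := range map[string]http.HandlerFunc{
		"vulnerable": vulnerableHandler(udr.URL), "hardened": hardenedHandler(udr.URL)} {
		udm := httptest.NewServer(h)
		code, verdict, _ := Probe(udm.URL, "imsi-208930000000999")
		fmt.Printf("%-10s UDM -> %d (%s)\n", name, code, verdict)
		udm.Close()
	}
}
```

Running `go run` on this prints one line per handler: the vulnerable one answers 500 for the unknown SUPI, the hardened one 404. To point `Probe` at a real UDM instead of the stub, pass its SBI base URL; the same caveats as for the curl check apply (well-formed SUPI, h2c and access tokens where the deployment uses them).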
What immediate steps should I take to mitigate this vulnerability?
Upgrade: free5GC 4.0.0 and 4.0.1 are affected, so move to a build that includes the upstream fix, which makes the UDM's OpenAPI client handle the UDR's 404 response as a 404 rather than a generic failure. Until the fix is deployed, contain the exposure rather than the defect: the Nudm_SDM interface should only be reachable from the core network's SBI segment, so confirm with a firewall or network-policy rule that only authorised consumer NFs (AMF, SMF and the like) can reach the UDM's SBI port, and, if your deployment enables NRF-issued OAuth2 access tokens, that the UDM enforces them. Alert on a rise in 500 responses for `/nudm-sdm/v2/...` in the UDM logs or at your SBI proxy, since a burst of lookups for unknown SUPIs is how the defect would be triggered deliberately. Note that a legitimate consumer querying an unprovisioned SUPI triggers the same 500, so access restriction reduces who can cause it but does not remove the reliability problem. [1]