CVE-2025-15417
BaseFortify
Publication date: 2026-01-01
Last updated on: 2026-04-29
Assigner: VulDB
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| open5gs | open5gs | to 2.7.6 (inc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-404 | The product does not release or incorrectly releases a resource before it is made available for re-use. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability exists in Open5GS up to version 2.7.6, specifically in the function sgwc_s11_handle_create_session_request within the GTPv2-C F-TEID Handler component. It allows a local attacker to manipulate the function, leading to a denial of service condition. The exploit is publicly available, and a patch has been released to fix the issue.
How can this vulnerability impact me? :
The vulnerability can cause a denial of service (DoS) on the affected Open5GS system when exploited locally. This means that the system or service may become unavailable or unresponsive, potentially disrupting network operations that rely on Open5GS.
What immediate steps should I take to mitigate this vulnerability?
Apply the patch named 465273d13ba5d47b274c38c9d1b07f04859178a1 to the Open5GS software to remediate the issue.