CVE-2025-65805
Unknown Unknown - Not Provided
Buffer Overflow in OpenAirInterface CN5G AMF Enables DoS, RCE

Publication date: 2026-01-07

Last updated on: 2026-01-07

Assigner: MITRE

Description
OpenAirInterface CN5G AMF<=v2.1.9 has a buffer overflow vulnerability in processing NAS messages. Unauthorized remote attackers can launch a denial-of-service attack and potentially execute malicious code by accessing port N1 and sending an imsi string longer than 1000 to AMF.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-01-07
Last Modified
2026-01-07
Generated
2026-06-16
AI Q&A
2026-01-07
EPSS Evaluated
2026-06-15
NVD
CVE-2025-65805
EUVD
EUVD-2026-1204
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
openairinterface cn5g_amf to 2.1.9 (inc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-121 A stack-based buffer overflow condition is a condition where the buffer being overwritten is allocated on the stack (i.e., is a local variable or, rarely, a parameter to a function).
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Detection Guidance

You can detect this vulnerability by monitoring network traffic on port N1 for NAS messages containing IMSI strings longer than 1000 characters. Using packet capture tools like tcpdump or Wireshark, you can filter for traffic on port N1 and inspect the IMSI field length. For example, a command like 'tcpdump -i <interface> port <N1_port> -w capture.pcap' can capture relevant traffic, which you can then analyze for oversized IMSI strings. [1]

Executive Summary

This vulnerability is a buffer overflow in OpenAirInterface CN5G AMF versions up to 2.1.9. It occurs when processing NAS messages, specifically when an unauthorized remote attacker sends an IMSI string longer than 1000 characters to the AMF via port N1. This can cause the system to overflow its buffer, potentially leading to denial-of-service or execution of malicious code.

Impact Analysis

The vulnerability can allow unauthorized remote attackers to launch denial-of-service attacks against the affected system, causing it to become unavailable. Additionally, attackers may be able to execute malicious code remotely, which could compromise the system's integrity and security.

Mitigation Strategies

Immediate mitigation steps include restricting access to port N1 to trusted sources only, implementing input validation to reject NAS messages with IMSI strings longer than 1000 characters, and applying any available patches or updates from OpenAirInterface for CN5G AMF versions up to v2.1.9. Additionally, monitoring for unusual traffic patterns and potential exploitation attempts is recommended. [1]

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2025-65805. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart