CVE-2026-1522
BaseFortify
Publication date: 2026-01-28
Last updated on: 2026-02-23
Assigner: VulDB
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| open5gs | open5gs | to 2.7.6 (inc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-404 | The product does not release or incorrectly releases a resource before it is made available for re-use. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is a weakness in Open5GS up to version 2.7.6, specifically in the function sgwc_s5c_handle_modify_bearer_response within the SGWC component. An attacker can remotely manipulate this function to cause a denial of service (DoS) condition. The vulnerability has been publicly disclosed and a patch is available to fix it.
How can this vulnerability impact me? :
The vulnerability can be exploited remotely to cause a denial of service, which means the affected Open5GS service could become unavailable or unresponsive, potentially disrupting network operations that rely on it.
What immediate steps should I take to mitigate this vulnerability?
Apply the patch identified as b19cf6a to the Open5GS software to resolve the vulnerability in the sgwc_s5c_handle_modify_bearer_response function. This patch fixes the issue and is advised to prevent denial of service attacks.