CVE-2025-69232
Received Received - Intake
Improper Input Validation in free5GC UPF Causes DoS

Publication date: 2026-02-23

Last updated on: 2026-02-25

Assigner: GitHub, Inc.

Description
free5GC is an open-source project for 5th generation (5G) mobile core networks. free5GC go-upf versions up to and including 1.2.6, corresponding to free5gc smf up to and including 1.4.0, have an Improper Input Validation and Protocol Compliance vulnerability leading to Denial of Service. Remote attackers can disrupt core network functionality by sending a malformed PFCP Association Setup Request. The UPF incorrectly accepts it, entering an inconsistent state that causes subsequent legitimate requests to trigger SMF reconnection loops and service degradation. All deployments of free5GC using the UPF and SMF components may be affected. As of time of publication, a fix is in development but not yet available. No direct workaround is available at the application level. Applying the official patch, once released, is recommended.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-02-23
Last Modified
2026-02-25
Generated
2026-06-16
AI Q&A
2026-02-24
EPSS Evaluated
2026-06-14
NVD
CVE-2025-69232
EUVD
EUVD-2025-207569
Affected Vendors & Products
Showing 2 associated CPEs
Vendor Product Version / Range
free5gc go-upf to 1.2.6 (inc)
free5gc smf to 1.4.0 (inc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-20 The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

The vulnerability exists in free5GC, an open-source project for 5G mobile core networks, specifically in the go-upf versions up to 1.2.6 and smf versions up to 1.4.0.

It is caused by improper input validation and protocol compliance in the UPF component. Remote attackers can send a malformed PFCP Association Setup Request that the UPF incorrectly accepts.

This causes the UPF to enter an inconsistent state, which leads to subsequent legitimate requests triggering SMF reconnection loops and service degradation, resulting in a Denial of Service.

There is currently no direct workaround at the application level, but a fix is in development and applying the official patch once released is recommended.

Impact Analysis

This vulnerability can disrupt the core network functionality of 5G mobile networks using free5GC UPF and SMF components.

An attacker can cause Denial of Service by sending malformed requests, leading to service degradation and reconnection loops in the network.

This can affect availability and reliability of the mobile network services relying on these components.

Compliance Impact

I don't know

Detection Guidance

I don't know

Mitigation Strategies

As of the time of publication, no direct workaround is available at the application level.

It is recommended to apply the official patch once it is released to fix the vulnerability.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2025-69232. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart