CVE-2025-69248
Received Received - Intake
Buffer Overflow in free5GC AMF Causes Remote DoS

Publication date: 2026-02-23

Last updated on: 2026-02-25

Assigner: GitHub, Inc.

Description
free5GC is an open-source project for 5th generation (5G) mobile core networks. Versions up to and including 1.4.1 of free5GC's AMF service have a Buffer Overflow vulnerability leading to Denial of Service. Remote unauthenticated attackers can crash the AMF service by sending a specially crafted NAS Registration Request with a malformed 5GS Mobile Identity, causing complete denial of service for the 5G core network. All deployments of free5GC using the AMF component may be affected. Pull request 43 of the free5gc/nas repo contains a fix. No direct workaround is available at the application level. Applying the official patch is recommended.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-02-23
Last Modified
2026-02-25
Generated
2026-06-16
AI Q&A
2026-02-24
EPSS Evaluated
2026-06-14
NVD
CVE-2025-69248
EUVD
EUVD-2025-207568
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
free5gc amf to 1.4.1 (inc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-129 The product uses untrusted input when calculating or using an array index, but the product does not validate or incorrectly validates the index to ensure the index references a valid position within the array.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

The vulnerability exists in free5GC's AMF service up to version 1.4.1, where a buffer overflow can occur.

Remote unauthenticated attackers can exploit this by sending a specially crafted NAS Registration Request containing a malformed 5GS Mobile Identity.

This causes the AMF service to crash, resulting in a complete denial of service for the 5G core network.

There is no direct workaround at the application level, and applying the official patch from pull request 43 of the free5gc/nas repository is recommended.

Impact Analysis

This vulnerability can lead to a denial of service condition in the 5G core network by crashing the AMF service.

As a result, all deployments of free5GC using the AMF component may experience service outages or disruptions.

Since the attack can be performed remotely and without authentication, it poses a significant risk to network availability.

Compliance Impact

I don't know

Detection Guidance

I don't know

Mitigation Strategies

The immediate step to mitigate this vulnerability is to apply the official patch provided in pull request 43 of the free5gc/nas repository.

No direct workaround is available at the application level, so patching is the recommended action.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2025-69248. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart