CVE-2024-53828
Received
Received - Intake
Denial of Service in Ericsson PCC via Message Flooding
Publication date: 2026-04-01
Last updated on: 2026-04-10
Assigner: Ericsson
Description
Description
Ericsson Packet Core Controller (PCC) versions prior
to 1.38 contain a vulnerability where an attacker sending a large volume of
specially crafted messages may cause service degradation.
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| ericsson | packet_core_controller | to 1.38 (inc) |
Helpful Resources
Exploitability
CWE
KEV
| CWE ID | Description |
|---|---|
| CWE-228 | The product does not handle or incorrectly handles input that is not syntactically well-formed with respect to the associated specification. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
The vulnerability exists in Ericsson Packet Core Controller (PCC) versions prior to 1.38. It occurs when an attacker sends a large volume of specially crafted messages to the system, which may cause service degradation.
How can this vulnerability impact me? :
This vulnerability can impact you by causing degradation of service in the Ericsson Packet Core Controller. This means that the system's performance or availability could be negatively affected, potentially disrupting normal operations.
Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70