CVE-2026-7781
Deferred
Deferred - Pending Action
Denial of Service in Open5GS 2.7.7
Publication date: 2026-05-04
Last updated on: 2026-05-04
Assigner: VulDB
Description
Description
A security vulnerability has been detected in Open5GS up to 2.7.7. Affected by this issue is the function udm_nudm_uecm_handle_amf_registration_update of the file /src/udm/nudm-handler.c of the component amf-3gpp-access Endpoint. The manipulation leads to denial of service. The attack is possible to be carried out remotely. The exploit has been disclosed publicly and may be used. The project was informed of the problem early through an issue report but has not responded yet.
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| open5gs | open5gs | to 2.7.7 (inc) |
Helpful Resources
Exploitability
CWE
KEV
| CWE ID | Description |
|---|---|
| CWE-404 | The product does not release or incorrectly releases a resource before it is made available for re-use. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability exists in Open5GS versions up to 2.7.7, specifically in the function udm_nudm_uecm_handle_amf_registration_update within the amf-3gpp-access Endpoint component. It allows an attacker to remotely manipulate this function, leading to a denial of service condition.
How can this vulnerability impact me? :
The vulnerability can be exploited remotely to cause a denial of service, which means that the affected Open5GS service could become unavailable or unresponsive, potentially disrupting network operations that rely on this component.
Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70