Compliance Impact

The vulnerability in FlexRIC v2.0.0 allows a malicious xApp to bypass authorization and delete subscriptions of other xApps, breaking multi-tenant isolation. This unauthorized access and potential data manipulation could lead to violations of data protection principles required by standards such as GDPR and HIPAA, which mandate strict access controls and data isolation to protect sensitive information.

Specifically, the failure to enforce proper authorization and isolation may result in unauthorized data access or deletion, undermining confidentiality and integrity requirements. Organizations using affected versions of FlexRIC may face compliance risks if this vulnerability is exploited, as it compromises the security controls necessary to meet regulatory obligations.

Useful 0 Not Useful 0

Executive Summary

CVE-2026-37233 is a high-severity vulnerability in FlexRIC v2.0.0 affecting the iApp's xApp isolation mechanism.

The vulnerability arises from an authorization bypass in the equality function eq_xapp_ric_gen_id() located in src/ric/iApp/xapp_ric_id.c. This function incorrectly compares one xapp_id field against itself instead of comparing both operands, effectively ignoring the identity of the xApp.

As a result, a malicious xApp connected to the iApp on port 36422 can delete subscriptions belonging to other xApps by sending a specially crafted E42_RIC_SUBSCRIPTION_DELETE_REQUEST with a matching ric_gen_id.

This flaw breaks multi-tenant isolation in deployments where multiple xApps share the same RIC, allowing unauthorized cross-xApp subscription deletion.

Useful 0 Not Useful 0

Impact Analysis

This vulnerability can lead to unauthorized deletion of subscriptions belonging to other xApps within the same RIC deployment.

Such unauthorized actions break multi-tenant isolation, potentially causing service disruption or denial of service for affected xApps.

Because a malicious xApp can delete other xApps' subscriptions, it can interfere with normal operations, degrade service reliability, and compromise the integrity of the system.

Useful 0 Not Useful 0

Detection Guidance

This vulnerability involves a malicious xApp sending an E42_RIC_SUBSCRIPTION_DELETE_REQUEST with a matching ric_gen_id to the iApp's SCTP port 36422 to delete other xApps' subscriptions.

To detect this vulnerability on your network or system, monitor traffic on port 36422 for suspicious E42_RIC_SUBSCRIPTION_DELETE_REQUEST messages originating from untrusted or unexpected xApps.

Commands to help detect such activity could include network packet captures and filtering for SCTP traffic on port 36422, for example using tcpdump:

• tcpdump -i <interface> port 36422 and sctp

Additionally, inspecting logs of the iApp for unexpected subscription deletion requests or anomalies in xApp subscription management could help identify exploitation attempts.

Useful 0 Not Useful 0

Mitigation Strategies

Immediate mitigation steps include restricting iApp access to only trusted xApps to prevent malicious xApps from connecting and exploiting the vulnerability.

Additionally, correcting the equality function eq_xapp_ric_gen_id() to properly compare both xapp_id operands and verifying subscription ownership before processing delete requests are necessary fixes.

Since no upstream fix was available at the time of publication, enforcing strict access controls and monitoring for suspicious subscription deletion requests are critical interim measures.

Useful 0 Not Useful 0