Open5GS Denial of Service Vulnerability (CNVD-2025-03194)

Open5GS is Open5GS open source an open source implementation of 5G Core and Epc in C, the core network of the Lte/Nr network. A security vulnerability exists in Open5GS, which can be exploited to cause a denial of service by an attacker who sends a "handover canceled" message that lacks the...

PT-2025-1398 · Open5Gs · Open5Gs Mme

Name of the Vulnerable Software and Affected Versions: Open5GS MME versions prior to 2.6.4 Description: The issue allows an attacker to send a "Handover Request Ack" message without the required MME UE S1AP ID field, which can cause the MME to crash repeatedly, resulting in denial of service. Thi...