29 matches found
CVE-2023-37023
Open5GS MME versions = 2.6.4 contain a reachable assertion in the Uplink NAS Transport packet handler. A packet missing its MMEUES1APID field causes Open5gs to crash; an attacker may repeatedly send such packets to cause denial of service...
CVE-2023-37029
Magma versions = 1.8.0 fixed in v1.9 commit 08472ba98b8321f802e95f5622fa90fec2dea486 are susceptible to an assertion-based crash when an oversized NAS packet is received. An attacker may leverage this behavior to repeatedly crash the MME via either a compromised base station or via an...
Open5GS Denial of Service Vulnerability (CNVD-2025-03194)
Open5GS is Open5GS open source an open source implementation of 5G Core and Epc in C, the core network of the Lte/Nr network. A security vulnerability exists in Open5GS, which can be exploited to cause a denial of service by an attacker who sends a "handover canceled" message that lacks the...
Open5GS Denial of Service Vulnerability (CNVD-2025-03199)
Open5GS is Open5GS open source an open source implementation of 5G Core and Epc in C, the core network of the Lte/Nr network. A security vulnerability exists in Open5GS, which can be exploited by an attacker to send a "UE Functional Information Indication" message missing the required mmeues1apid...
Open5GS Denial of Service Vulnerability (CNVD-2025-03197)
Open5GS is Open5GS open source an open source implementation in C of 5G Core and Epc, the core network of the Lte/Nr network. A security vulnerability exists in Open5GS, which can be exploited by an attacker to send a "UE Context Version" full message missing the required mmeues1apid' field to...
Open5GS has an unspecified vulnerability
Open5GS is Open5GS open source an open source implementation in C of 5G Core and Epc, the core network of the Lte/Nr network. A security vulnerability exists in Open5GS version 2.6.4 and earlier versions, which can be exploited by an attacker to send an "E-rab modification instruction" message th...
Open5GS has an unspecified vulnerability (CNVD-2025-03190)
Open5GS is Open5GS open source an open source implementation in C of 5G Core and Epc, the core network of the Lte/Nr network. A security vulnerability exists in Open5GS, which can be exploited to cause a denial of service by an attacker who sends an "Initial Context Setup Response" message that...
Open5GS Denial of Service Vulnerability (CNVD-2025-03192)
Open5GS is Open5GS open source an open source implementation in C of 5G Core and Epc, the core network of the Lte/Nr network. A denial of service vulnerability exists in Open5GS, which can be exploited to cause a denial of service by sending a "switch" message missing the required "MMEUES1APID"...
Open5GS Denial of Service Vulnerability (CNVD-2025-03200)
Open5GS is Open5GS open source an open source implementation in C of 5G Core and Epc, the core network of the Lte/Nr network. A security vulnerability exists in Open5GS, which can be exploited to cause a denial of service by an attacker who sends an "Initial Context Setup Failed" message that lac...
Open5GS has an unspecified vulnerability (CNVD-2025-03161)
Open5GS is Open5GS open source an open source implementation in C of 5G Core and Epc, the core network of the Lte/Nr network. Open5GS suffers from a security vulnerability that can be exploited by an attacker to send an "E-RAB Setup Response" message that lacks the required mmeues1apid' field to...
Open5GS Denial of Service Vulnerability (CNVD-2025-03196)
Open5GS is Open5GS open source an open source implementation in C of 5G Core and Epc, the core network of the Lte/Nr network. A security vulnerability exists in Open5GS, which can be exploited by an attacker to send a "UE Context Modification Failure" message missing the required mmeues1apid' fie...
Open5GS Denial of Service Vulnerability (CNVD-2025-03195)
Open5GS is Open5GS open source an open source implementation in C of 5G Core and Epc, the core network of the Lte/Nr network. A security vulnerability exists in Open5GS, which can be exploited by an attacker to send a "UE Context Release Request" message missing the required mmeues1apid' field to...
Open5GS Denial of Service Vulnerability (CNVD-2025-03154)
Open5GS is Open5GS open source an open source implementation in C of 5G Core and Epc, the core network of the Lte/Nr network. Open5GS suffers from a security vulnerability that can be exploited to cause a denial of service by an attacker who sends an "Initial UE Message" that lacks the required...
Magma null pointer dereference vulnerability (CNVD-2025-15066)
Magma is an open source software platform from Magma Open Source. Provides network operators with an open, flexible and scalable mobile core network solution. Magma has a null pointer dereference vulnerability that can be exploited by an attacker to crash MME...
Magma null pointer dereference vulnerability (CNVD-2025-02448)
Magma is an open source software platform from Magma Open Source. Provides network operators with an open, flexible and scalable mobile core network solution. Magma has a null pointer dereference vulnerability that can be exploited by an attacker to crash MME via S1AP E-RAB Release Response, a...
Magma Null Pointer Dereference Vulnerability
Magma is an open source software platform from Magma Open Source. Provides network operators with an open, flexible and scalable mobile core network solution. Magma has a null pointer dereference vulnerability that can be exploited by an attacker to crash MME...
CVE-2023-37007
Open5GS MME versions = 2.6.4 contain an assertion that can be remotely triggered via a malformed ASN.1 packet over the S1AP interface. An attacker may send a Handover Cancel message missing a required MMEUES1APID field to repeatedly crash the MME, resulting in denial of service...
CVE-2023-37002
Open5GS MME versions = 2.6.4 contain an assertion that can be remotely triggered via a malformed ASN.1 packet over the S1AP interface. An attacker may send an E-RAB Modification Indication message missing a required MMEUES1APID field to repeatedly crash the MME, resulting in denial of service...
Open5GS 安全漏洞
Open5GS is Open5GS open source an open source implementation in C of 5G Core and Epc, the core network of the Lte/Nr network. A security vulnerability exists in Open5GS, which can be exploited by an attacker to send a "UE Context Modification Failure" message missing the required mmeues1apid' fie...
CVE-2023-37002
Open5GS MME versions = 2.6.4 contain an assertion that can be remotely triggered via a malformed ASN.1 packet over the S1AP interface. An attacker may send an E-RAB Modification Indication message missing a required MMEUES1APID field to repeatedly crash the MME, resulting in denial of service...