Lucene search
K

29 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 2:17 a.m.9 views

CVE-2023-37023

Open5GS MME versions = 2.6.4 contain a reachable assertion in the Uplink NAS Transport packet handler. A packet missing its MMEUES1APID field causes Open5gs to crash; an attacker may repeatedly send such packets to cause denial of service...

8.6CVSS6.7AI score0.00752EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/23 2:17 a.m.6 views

CVE-2023-37029

Magma versions = 1.8.0 fixed in v1.9 commit 08472ba98b8321f802e95f5622fa90fec2dea486 are susceptible to an assertion-based crash when an oversized NAS packet is received. An attacker may leverage this behavior to repeatedly crash the MME via either a compromised base station or via an...

7.5CVSS6.9AI score0.00596EPSS
Exploits1References1
CNVD
CNVD
added 2025/02/08 12:0 a.m.5 views

Open5GS Denial of Service Vulnerability (CNVD-2025-03194)

Open5GS is Open5GS open source an open source implementation of 5G Core and Epc in C, the core network of the Lte/Nr network. A security vulnerability exists in Open5GS, which can be exploited to cause a denial of service by an attacker who sends a "handover canceled" message that lacks the...

5.3CVSS6.8AI score0.00261EPSS
Exploits1References1
CNVD
CNVD
added 2025/02/08 12:0 a.m.7 views

Open5GS Denial of Service Vulnerability (CNVD-2025-03199)

Open5GS is Open5GS open source an open source implementation of 5G Core and Epc in C, the core network of the Lte/Nr network. A security vulnerability exists in Open5GS, which can be exploited by an attacker to send a "UE Functional Information Indication" message missing the required mmeues1apid...

8.6CVSS6.8AI score0.00752EPSS
Exploits1References1
CNVD
CNVD
added 2025/02/08 12:0 a.m.8 views

Open5GS Denial of Service Vulnerability (CNVD-2025-03197)

Open5GS is Open5GS open source an open source implementation in C of 5G Core and Epc, the core network of the Lte/Nr network. A security vulnerability exists in Open5GS, which can be exploited by an attacker to send a "UE Context Version" full message missing the required mmeues1apid' field to...

8.6CVSS6.8AI score0.00752EPSS
Exploits1References1
CNVD
CNVD
added 2025/02/08 12:0 a.m.5 views

Open5GS has an unspecified vulnerability

Open5GS is Open5GS open source an open source implementation in C of 5G Core and Epc, the core network of the Lte/Nr network. A security vulnerability exists in Open5GS version 2.6.4 and earlier versions, which can be exploited by an attacker to send an "E-rab modification instruction" message th...

5.3CVSS6.8AI score0.00261EPSS
Exploits1References1
CNVD
CNVD
added 2025/02/08 12:0 a.m.8 views

Open5GS has an unspecified vulnerability (CNVD-2025-03190)

Open5GS is Open5GS open source an open source implementation in C of 5G Core and Epc, the core network of the Lte/Nr network. A security vulnerability exists in Open5GS, which can be exploited to cause a denial of service by an attacker who sends an "Initial Context Setup Response" message that...

5.3CVSS6.8AI score0.00261EPSS
Exploits1References1
CNVD
CNVD
added 2025/02/08 12:0 a.m.6 views

Open5GS Denial of Service Vulnerability (CNVD-2025-03192)

Open5GS is Open5GS open source an open source implementation in C of 5G Core and Epc, the core network of the Lte/Nr network. A denial of service vulnerability exists in Open5GS, which can be exploited to cause a denial of service by sending a "switch" message missing the required "MMEUES1APID"...

6.3CVSS6.7AI score0.00474EPSS
Exploits1References1
CNVD
CNVD
added 2025/02/08 12:0 a.m.9 views

Open5GS Denial of Service Vulnerability (CNVD-2025-03200)

Open5GS is Open5GS open source an open source implementation in C of 5G Core and Epc, the core network of the Lte/Nr network. A security vulnerability exists in Open5GS, which can be exploited to cause a denial of service by an attacker who sends an "Initial Context Setup Failed" message that lac...

5.3CVSS6.8AI score0.00261EPSS
Exploits1References1
CNVD
CNVD
added 2025/02/08 12:0 a.m.7 views

Open5GS has an unspecified vulnerability (CNVD-2025-03161)

Open5GS is Open5GS open source an open source implementation in C of 5G Core and Epc, the core network of the Lte/Nr network. Open5GS suffers from a security vulnerability that can be exploited by an attacker to send an "E-RAB Setup Response" message that lacks the required mmeues1apid' field to...

5.3CVSS6.8AI score0.00261EPSS
Exploits1References1
CNVD
CNVD
added 2025/02/08 12:0 a.m.8 views

Open5GS Denial of Service Vulnerability (CNVD-2025-03196)

Open5GS is Open5GS open source an open source implementation in C of 5G Core and Epc, the core network of the Lte/Nr network. A security vulnerability exists in Open5GS, which can be exploited by an attacker to send a "UE Context Modification Failure" message missing the required mmeues1apid' fie...

8.6CVSS6.8AI score0.00752EPSS
Exploits1References1
CNVD
CNVD
added 2025/02/08 12:0 a.m.5 views

Open5GS Denial of Service Vulnerability (CNVD-2025-03195)

Open5GS is Open5GS open source an open source implementation in C of 5G Core and Epc, the core network of the Lte/Nr network. A security vulnerability exists in Open5GS, which can be exploited by an attacker to send a "UE Context Release Request" message missing the required mmeues1apid' field to...

7.5CVSS6.8AI score0.00752EPSS
Exploits1References1
CNVD
CNVD
added 2025/02/08 12:0 a.m.7 views

Open5GS Denial of Service Vulnerability (CNVD-2025-03154)

Open5GS is Open5GS open source an open source implementation in C of 5G Core and Epc, the core network of the Lte/Nr network. Open5GS suffers from a security vulnerability that can be exploited to cause a denial of service by an attacker who sends an "Initial UE Message" that lacks the required...

8.6CVSS6.8AI score0.00752EPSS
Exploits1References1
CNVD
CNVD
added 2025/01/24 12:0 a.m.2 views

Magma null pointer dereference vulnerability (CNVD-2025-15066)

Magma is an open source software platform from Magma Open Source. Provides network operators with an open, flexible and scalable mobile core network solution. Magma has a null pointer dereference vulnerability that can be exploited by an attacker to crash MME...

6.5CVSS6.2AI score0.00373EPSS
Exploits1References1
CNVD
CNVD
added 2025/01/24 12:0 a.m.32 views

Magma null pointer dereference vulnerability (CNVD-2025-02448)

Magma is an open source software platform from Magma Open Source. Provides network operators with an open, flexible and scalable mobile core network solution. Magma has a null pointer dereference vulnerability that can be exploited by an attacker to crash MME via S1AP E-RAB Release Response, a...

6.5CVSS6.8AI score0.00248EPSS
Exploits0References1
CNVD
CNVD
added 2025/01/24 12:0 a.m.13 views

Magma Null Pointer Dereference Vulnerability

Magma is an open source software platform from Magma Open Source. Provides network operators with an open, flexible and scalable mobile core network solution. Magma has a null pointer dereference vulnerability that can be exploited by an attacker to crash MME...

6.5CVSS6.8AI score0.00373EPSS
Exploits1References1
NVD
NVD
added 2025/01/22 3:15 p.m.11 views

CVE-2023-37007

Open5GS MME versions = 2.6.4 contain an assertion that can be remotely triggered via a malformed ASN.1 packet over the S1AP interface. An attacker may send a Handover Cancel message missing a required MMEUES1APID field to repeatedly crash the MME, resulting in denial of service...

5.3CVSS0.00261EPSS
Exploits1References1
OSV
OSV
added 2025/01/22 3:15 p.m.9 views

CVE-2023-37002

Open5GS MME versions = 2.6.4 contain an assertion that can be remotely triggered via a malformed ASN.1 packet over the S1AP interface. An attacker may send an E-RAB Modification Indication message missing a required MMEUES1APID field to repeatedly crash the MME, resulting in denial of service...

5.3CVSS6.7AI score
Exploits0References1
CNNVD
CNNVD
added 2025/01/22 12:0 a.m.5 views

Open5GS 安全漏洞

Open5GS is Open5GS open source an open source implementation in C of 5G Core and Epc, the core network of the Lte/Nr network. A security vulnerability exists in Open5GS, which can be exploited by an attacker to send a "UE Context Modification Failure" message missing the required mmeues1apid' fie...

8.6CVSS6.6AI score0.00752EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2025/01/22 12:0 a.m.9 views

CVE-2023-37002

Open5GS MME versions = 2.6.4 contain an assertion that can be remotely triggered via a malformed ASN.1 packet over the S1AP interface. An attacker may send an E-RAB Modification Indication message missing a required MMEUES1APID field to repeatedly crash the MME, resulting in denial of service...

5.2AI score0.00261EPSS
Exploits1References1
Rows per page
Query Builder