82 matches found
CVE-2024-25009
Ericsson Packet Core Controller PCC contains a vulnerability in Access and Mobility Management Function AMF where improper input validation can lead to denial of service which may result in service degradation...
CVE-2025-1893 Open5GS AMF gmm-sm.c gmm_state_authentication denial of service
A vulnerability was found in Open5GS up to 2.7.2. It has been declared as problematic. Affected by this vulnerability is the function gmmstateauthentication of the file src/amf/gmm-sm.c of the component AMF. The manipulation leads to denial of service. The attack can be launched remotely. This...
Open5GS 安全漏洞
Open5GS is Open5GS open source an open source implementation in C of 5G Core and Epc, the core network of the Lte/Nr network. Open5GS suffers from a denial-of-service vulnerability that stems from the gmmstateexception function mishandling a specific response error, which can be exploited by an...
Open5GS 安全漏洞
Open5GS is Open5GS open source an open source implementation of 5G Core and Epc in C, the core network of the Lte/Nr network. A denial of service vulnerability exists in Open5GS, which can be exploited to cause a denial of service by an attacker who sends an "S1SETUP request" message missing the...
Open5GS 安全漏洞
Open5GS is Open5GS open source an open source implementation in C of 5G Core and Epc, the core network of the Lte/Nr network. A security vulnerability exists in Open5GS, which can be exploited by an attacker to send a "UE Context Version" full message missing the required mmeues1apid' field to...
Open5GS 安全漏洞
Open5GS is Open5GS open source an open source implementation in C of 5G Core and Epc, the core network of the Lte/Nr network. A security vulnerability exists in Open5GS, which can be exploited to cause a denial of service by an attacker who sends "S1SETUP request" messages missing the required...
PT-2025-1399 · Open5Gs · Open5Gs Mme
Name of the Vulnerable Software and Affected Versions: Open5GS MME versions prior to 2.6.4 Description: The issue allows an attacker to send a "Handover Cancel" message missing the required MME UE S1AP ID field, which can cause the MME to crash repeatedly, resulting in denial of service. This can...
PT-2025-1400 · Open5Gs · Open5Gs Mme
Name of the Vulnerable Software and Affected Versions: Open5GS MME versions = 2.6.4 Description: The issue is caused by a buffer overflow in the ASN.1 deserialization function of the S1AP handler, leading to type confusion in decoded fields. This results in invalid parsing and freeing of memory,...
Open5GS 安全漏洞
Open5GS is Open5GS open source an open source implementation of 5G Core and Epc in C, the core network of the Lte/Nr network. A security vulnerability exists in Open5GS, which can be exploited by an attacker to send a "UE Functional Information Indication" message missing the required mmeues1apid...
Magma 代码问题漏洞
Magma is an open source software platform from Magma Open Source. Provides network operators with an open, flexible and scalable mobile core network solution. Magma has a null pointer dereference vulnerability that can be exploited by an attacker to crash MME...
Magma 代码问题漏洞
Magma is an open source software platform from Magma Open Source. Provides network operators with an open, flexible and scalable mobile core network solution. Magma has a null pointer dereference vulnerability that can be exploited by an attacker to crash MME...
Magma 代码问题漏洞
Magma is an open source software platform from Magma Open Source. Provides network operators with an open, flexible and scalable mobile core network solution. Magma has a null pointer dereference vulnerability that can be exploited by an attacker to crash MME...
OpenAirInterface CN5G AMF 代码问题漏洞
OpenAirInterface CN5G AMF is an OpenAirInterface open source application. A security vulnerability exists in OpenAirInterface CN5G AMF v2.0.0 and earlier versions that stems from the presence of uninitialized pointer dereferences, which allows an attacker to trigger a denial of service DoS via a...
CVE-2024-39343
CVE-2024-39343 affects Samsung’s Mobile Processor and Wearable Processor baseband (Exynos 2100/1280/2200/1330/1380/1480/2400/9110 and Modem 5123/5300). The root cause is that baseband software does not properly validate the length specified by the Mobility Management (MM) module, which can lead t...
CVE-2024-7612
Insecure permissions in Ivanti EPMM before 12.1.0.4 allow a local authenticated attacker to modify sensitive application components...
CVE-2024-25009
Ericsson Packet Core Controller PCC contains a vulnerability in Access and Mobility Management Function AMF where improper input validation can lead to denial of service which may result in service degradation...
PT-2024-20698 · Ericsson · Ericsson Packet Core Controller
Name of the Vulnerable Software and Affected Versions: Ericsson Packet Core Controller PCC affected versions not specified Description: The issue is related to improper input validation in the Access and Mobility Management Function AMF of the Ericsson Packet Core Controller PCC, which can lead t...
Ericsson Packet Core Controller 安全漏洞
Ericsson Packet Core Controller Ericsson PCC is a packet core controller from Ericsson, Sweden. A security vulnerability exists in Ericsson Packet Core Controller versions prior to 1.33 that stems from improper input validation in the Access and Mobility Management Function component, which could...
CVE-2024-36132
Insufficient verification of authentication controls in EPMM prior to 12.1.0.1 allows a remote attacker to bypass authentication and access sensitive resources...
Open5GS 安全漏洞
Open5GS is an open source implementation in C of 5G Core and Epc, the core network of the Lte/Nr network. Open5GS has a security vulnerability that can be exploited by an attacker to cause AMF to crash...