Security and Privacy in O-RAN for 6G: A Comprehensive Review of Threats and Mitigation Approaches

Open Radio Access Network O-RAN is a major advancement in the telecommunications field, providing standardized interfaces that promote interoperability between different vendors' technologies, thereby enhancing network flexibility and reducing operational expenses. By leveraging cutting-edge...

Zero-Trust Strategies for O-RAN Cellular Networks: Principles, Challenges and Research Directions

Cellular networks have become foundational to modern communication, supporting a broad range of applications, from civilian use to enterprise systems and military tactical networks. The advent of fifth-generation and beyond cellular networks B5G introduces emerging compute capabilities into the...

A Demonstration of Self-Adaptive Jamming Attack Detection in AI/ML Integrated O-RAN

The open radio access network O-RAN enables modular, intelligent, and programmable 5G network architectures through the adoption of software-defined networking, network function virtualization, and implementation of standardized open interfaces. However, one of the security concerns for O-RAN,...

CVE-2025-57446

An issue in O-RAN Near Realtime RIC ric-plt-submgr in the J-Release environment, allows remote attackers to cause a denial of service DoS via a crafted request to the Subscription Manager API component...

CVE-2025-57446

The CVE-2025-57446 entry concerns the O-RAN Near Realtime RIC ric-plt-submgr in the J-Release environment. The underlying issue is a vulnerability in the Subscription Manager API component that allows remote attackers to cause a denial of service via a crafted request. Affected software is descri...

PT-2025-39424

Name of the Vulnerable Software and Affected Versions O-RAN Near Realtime RIC versions affected versions not specified Description An issue exists in the O-RAN Near Realtime RIC ric-plt-submgr component within the J-Release environment. This allows remote attackers to cause a denial of service Do...

O-RAN Near-Realtime RIC 安全漏洞

The O-RAN Near-Realtime RIC is an inbound component of the O-RAN organization. A security vulnerability exists in the O-RAN Near-Realtime RIC that stems from the Subscription Manager API component being susceptible to a specially crafted request attack that could result in a denial of service...

Jamming Smarter, Not Harder: Exploiting O-RAN Y1 RAN Analytics for Efficient Interference

The Y1 interface in O-RAN enables the sharing of RAN Analytics Information RAI between the near-RT RIC and authorized Y1 consumers, which may be internal applications within the operator's trusted domain or external systems accessing data through a secure exposure function. While this visibility...

RAN Tester UE: an Automated Declarative UE Centric Security Testing Platform

Cellular networks require strict security procedures and measures across various network components, from core to radio access network RAN and end-user devices. As networks become increasingly complex and interconnected, as in O-RAN deployments, they are exposed to a numerous security threats...

RRC Signaling Storm Detection in O-RAN

The Open Radio Access Network O-RAN marks a significant shift in the mobile network industry. By transforming a traditionally vertically integrated architecture into an open, data-driven one, O-RAN promises to enhance operational flexibility and drive innovation. In this paper, we harness O-RAN's...

O-RAN RIC 安全漏洞

O-RAN RIC is a RIC application from O-RAN. A security vulnerability exists in O-RAN RIC that stems from e2mgr crashing when it receives a large number of E2 Subscription Requests...

O-RAN RIC 安全漏洞

O-RAN RIC is a RIC application from O-RAN. A security vulnerability exists in O-RAN RIC I-Release, which stems from the fact that an attacker can register unintended RMR message types during registration to compromise other service components...

CVE-2024-34043

O-RAN RICAPP kpimon-go I-Release has a segmentation violation via a certain E2AP-PDU message...

O-RAN E2T 安全漏洞

O-RAN E2T is an application from O-RAN, Inc. A security vulnerability exists in O-RAN E2T that stems from the presence of a null pointer dereference...

O-RAN RIC 安全漏洞

O-RAN RIC is a RIC application from O-RAN. A security vulnerability exists in O-RAN RIC I-Release e2mgr that stems from a missing array size check in RicServiceUpdateHandler...

CISA and NSA Publish Open Radio Access Network Security Considerations

CISA and the National Security Agency NSA have published Open Radio Access Network Security Considerations. This product—generated by the Enduring Security Framework ESF Open Radio Access Network RAN Working Panel, a subgroup within the cross-sector working group—assessed the benefits and securit...