Lucene search
K

65 matches found

Vulnrichment
Vulnrichment
added 2025/01/22 12:0 a.m.10 views

CVE-2023-37011

Open5GS MME versions = 2.6.4 contain an assertion that can be remotely triggered via a malformed ASN.1 packet over the S1AP interface. An attacker may send a Handover Required message missing a required MMEUES1APID field to repeatedly crash the MME, resulting in denial of service...

6.2AI score0.00474EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2025/01/22 12:0 a.m.10 views

CVE-2023-37003

Open5GS MME versions = 2.6.4 contain an assertion that can be remotely triggered via a malformed ASN.1 packet over the S1AP interface. An attacker may send an E-RAB Setup Response message missing a required MMEUES1APID field to repeatedly crash the MME, resulting in denial of service...

5.2AI score0.00261EPSS
Exploits1References1
CVE
CVE
added 2025/01/22 12:0 a.m.49 views

CVE-2023-37020

CVE-2023-37020 affects Open5GS MME up to and including version 2.6.4. A malformed ASN.1 packet sent over the S1AP interface can trigger an assertion when a UE Context Release Complete message is missing the required MME_UE_S1AP_ID, causing the MME to crash and resulting in denial of service. Conn...

8.6CVSS6.8AI score0.00752EPSS
Exploits1References1Affected Software1
CVE
CVE
added 2025/01/22 12:0 a.m.46 views

CVE-2023-37005

Open5GS MME <= 2.6.4 is affected by an assertion that can be remotely triggered via a malformed ASN.1 packet on the S1AP interface. An attacker can send an Initial Context Setup Failure message missing the required MME_UE_S1AP_ID field, which may repeatedly crash the MME and cause denial of se...

5.3CVSS6.8AI score0.00261EPSS
Exploits1References1Affected Software1
OSV
OSV
added 2025/01/22 12:0 a.m.8 views

CVE-2023-37019

Open5GS MME versions = 2.6.4 contains an assertion that can be remotely triggered via a malformed ASN.1 packet over the S1AP interface. An attacker may send an S1Setup Request message missing a required Supported TAs field to repeatedly crash the MME, resulting in denial of service...

8.6CVSS6.7AI score0.00752EPSS
Exploits1References3
CVE
CVE
added 2025/01/22 12:0 a.m.52 views

CVE-2023-37016

Open5GS MME in versions

8.6CVSS6.4AI score0.00752EPSS
Exploits1References1Affected Software1
CVE
CVE
added 2025/01/22 12:0 a.m.50 views

CVE-2023-37010

Open5GS MME versions ≤ 2.6.4 are affected by an assertion that can be remotely triggered via a malformed ASN.1 packet on the S1AP interface. An attacker can send an ENB Status Transfer message missing the MME_UE_S1AP_ID, causing the MME to crash and leading to denial of service. The most reliable...

6.3CVSS7AI score0.00474EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2025/01/22 12:0 a.m.15 views

CVE-2023-37005

Open5GS MME versions = 2.6.4 contain an assertion that can be remotely triggered via a malformed ASN.1 packet over the S1AP interface. An attacker may send an Initial Context Setup Failure message missing a required MMEUES1APID field to repeatedly crash the MME, resulting in denial of service...

0.00261EPSS
Exploits1References1
Cvelist
Cvelist
added 2025/01/22 12:0 a.m.9 views

CVE-2023-37016

Open5GS MME versions = 2.6.4 contain an assertion that can be remotely triggered via a malformed ASN.1 packet over the S1AP interface. An attacker may send a UE Context Modification Response message missing a required MMEUES1APID field to repeatedly crash the MME, resulting in denial of service...

0.00752EPSS
Exploits1References1
Cvelist
Cvelist
added 2025/01/22 12:0 a.m.16 views

CVE-2023-37019

Open5GS MME versions = 2.6.4 contains an assertion that can be remotely triggered via a malformed ASN.1 packet over the S1AP interface. An attacker may send an S1Setup Request message missing a required Supported TAs field to repeatedly crash the MME, resulting in denial of service...

0.00752EPSS
Exploits1References1
OSV
OSV
added 2025/01/22 12:0 a.m.7 views

CVE-2023-37021

Open5GS MME version = 2.6.4 contains an assertion that can be remotely triggered via a malformed ASN.1 packet over the S1AP interface. An attacker may send a UE Context Modification Failure message missing a required MMEUES1APID field to repeatedly crash the MME, resulting in denial of service...

8.6CVSS6.7AI score0.00752EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2025/01/22 12:0 a.m.5 views

PT-2025-1396 · Open5Gs · Open5Gs Mme

Name of the Vulnerable Software and Affected Versions: Open5GS MME versions prior to 2.6.4 Description: The issue allows an attacker to send a malformed ASN.1 packet over the S1AP interface, triggering an assertion that can cause a denial of service. Specifically, an attacker may send an "Initial...

5.3CVSS7.1AI score0.00261EPSS
Exploits1References4
CVE
CVE
added 2025/01/22 12:0 a.m.49 views

CVE-2023-37015

Open5GS MME versions ≤ 2.6.4 are affected by an assertion that can be remotely triggered via a malformed ASN.1 packet on the S1AP interface. An attacker can send a Path Switch Request lacking the required MME_UE_S1AP_ID, causing the MME to crash and leading to denial of service. Affected software...

8.6CVSS6.8AI score0.00752EPSS
Exploits1References1Affected Software1
OSV
OSV
added 2025/01/22 12:0 a.m.5 views

CVE-2023-37009

Open5GS MME versions = 2.6.4 contain an assertion that can be remotely triggered via a malformed ASN.1 packet over the S1AP interface. An attacker may send a Handover Notification message missing a required MMEUES1APID field to repeatedly crash the MME, resulting in denial of service...

6.3CVSS6.7AI score0.00474EPSS
Exploits1References3
CVE
CVE
added 2025/01/22 12:0 a.m.75 views

CVE-2023-37014

Open5GS MME versions ≤ 2.6.4 are affected by an assertion that can be remotely triggered via a malformed ASN.1 packet on the S1AP interface. An attacker can send a UE Context Release Request missing the required MME_UE_S1AP_ID field, causing the MME to repeatedly crash and resulting in a denial o...

7.5CVSS6.4AI score0.00752EPSS
Exploits1References1Affected Software1
Positive Technologies
Positive Technologies
added 2025/01/22 12:0 a.m.5 views

PT-2025-1409

Name of the Vulnerable Software and Affected Versions Open5GS MME versions = 2.6.4 Description The issue is related to an assertion that can be remotely triggered via a malformed ASN.1 packet over the S1AP interface. An attacker may send an S1Setup Request message missing a required Global eNB ID...

8.6CVSS5.4AI score0.00752EPSS
Exploits1References5
Vulnrichment
Vulnrichment
added 2025/01/22 12:0 a.m.6 views

CVE-2023-37017

Open5GS MME versions = 2.6.4 contain an assertion that can be remotely triggered via a malformed ASN.1 packet over the S1AP interface. An attacker may send an S1Setup Request message missing a required Global eNB ID field to repeatedly crash the MME, resulting in denial of service...

8.3AI score0.00752EPSS
Exploits1References1
CVE
CVE
added 2025/01/22 12:0 a.m.49 views

CVE-2023-37017

Affected software: Open5GS MME versions

8.6CVSS6.8AI score0.00752EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2025/01/22 12:0 a.m.14 views

CVE-2023-37017

Open5GS MME versions = 2.6.4 contain an assertion that can be remotely triggered via a malformed ASN.1 packet over the S1AP interface. An attacker may send an S1Setup Request message missing a required Global eNB ID field to repeatedly crash the MME, resulting in denial of service...

0.00752EPSS
Exploits1References1
Cvelist
Cvelist
added 2025/01/22 12:0 a.m.11 views

CVE-2023-37009

Open5GS MME versions = 2.6.4 contain an assertion that can be remotely triggered via a malformed ASN.1 packet over the S1AP interface. An attacker may send a Handover Notification message missing a required MMEUES1APID field to repeatedly crash the MME, resulting in denial of service...

0.00474EPSS
Exploits1References1
Rows per page
Query Builder