3 matches found
CVE-2023-37005
Open5GS MME versions = 2.6.4 contain an assertion that can be remotely triggered via a malformed ASN.1 packet over the S1AP interface. An attacker may send an Initial Context Setup Failure message missing a required MMEUES1APID field to repeatedly crash the MME, resulting in denial of service...
CVE-2023-37012
Open5GS MME versions ≤ 2.6.4 contain an assertion that can be remotely triggered via a malformed ASN.1 packet over the S1AP interface. An attacker can send an Initial UE Message missing the PLMN Identity, causing repeated MME crashes and denial of service. The connected Red Hat and CNVD entries c...
CVE-2023-37012
Open5GS MME versions = 2.6.4 contain an assertion that can be remotely triggered via a malformed ASN.1 packet over the S1AP interface. An attacker may send an Initial UE Message message missing a required PLMN Identity field to repeatedly crash the MME, resulting in denial of service...