Lucene search
+L

27 matches found

Positive Technologies
Positive Technologies
added 2025/01/22 12:0 a.m.6 views

PT-2025-1412 · Open5Gs · Open5Gs Mme

Name of the Vulnerable Software and Affected Versions: Open5GS MME versions prior to 2.6.4 Description: The issue allows an attacker to send a "UE Context Release Complete" message without the required MME UE S1AP ID field, which can cause the MME to crash repeatedly, resulting in denial of...

8.6CVSS7.1AI score0.00752EPSS
Exploits1References4
Cvelist
Cvelist
added 2025/01/22 12:0 a.m.16 views

CVE-2023-37014

Open5GS MME versions = 2.6.4 contains an assertion that can be remotely triggered via a malformed ASN.1 packet over the S1AP interface. An attacker may send a UE Context Release Request message missing a required MMEUES1APID field to repeatedly crash the MME, resulting in denial of service...

0.00752EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2025/01/22 12:0 a.m.7 views

PT-2025-1406 · Open5Gs · Open5Gs Mme

Name of the Vulnerable Software and Affected Versions: Open5GS MME versions = 2.6.4 Description: The issue concerns an assertion in Open5GS MME that can be remotely triggered via a malformed ASN.1 packet over the S1AP interface. An attacker may send a UE Context Release Request message missing a...

7.5CVSS7AI score0.00752EPSS
Exploits1References5
CNNVD
CNNVD
added 2025/01/22 12:0 a.m.5 views

Open5GS 安全漏洞

Open5GS is Open5GS open source an open source implementation in C of 5G Core and Epc, the core network of the Lte/Nr network. Open5GS suffers from a denial of service vulnerability that stems from the inclusion of reachable assertions in the UE Context Release Request packet handler. An attacker...

7.5CVSS6.6AI score0.00752EPSS
Exploits1References2
CNNVD
CNNVD
added 2025/01/22 12:0 a.m.5 views

Open5GS 安全漏洞

Open5GS is Open5GS open source an open source implementation in C of 5G Core and Epc, the core network of the Lte/Nr network. A security vulnerability exists in Open5GS, which can be exploited by an attacker to send a "UE Context Release Request" message missing the required mmeues1apid' field to...

7.5CVSS6.6AI score0.00752EPSS
Exploits1References2
Cvelist
Cvelist
added 2024/11/15 12:0 a.m.23 views

CVE-2024-24455

An invalid memory access when handling a UE Context Release message containing an invalid UE identifier in Athonet vEPC MME v11.4.0 allows attackers to cause a Denial of Service DoS to the cellular network by repeatedly initiating connections and sending a crafted payload...

5.9CVSS0.00344EPSS
Exploits0References1
OSV
OSV
added 2024/03/04 6:15 p.m.6 views

CVE-2021-47091

In the Linux kernel, the following vulnerability has been resolved: mac80211: fix locking in ieee80211startap error path We need to hold the local-mtx to release the channel context, as even encoded by the lockdepassertheld there. Fix it...

5.5CVSS7.3AI score
Exploits0References3
Rows per page
Query Builder