93 matches found
Finding Phones Fast: Low-Latency and Scalable Monitoring of Cellular Communications in Sensitive Areas
The widespread availability of cellular devices introduces new threat vectors that allow users or attackers to bypass security policies and physical barriers and bring unauthorized devices into sensitive areas. These threats can arise from user non-compliance or deliberate actions aimed at data...
CVE-2025-52288
Assertion failure in function ngapbuilddownlinknastransport in file src/amf/ngap-build.c, the Access and Mobility Management Function AMF component, in Open5GS thru 2.7.5 allowing attackers to cause a denial of service or other unspecified impacts via repeated UE connect and disconnect message...
Reachable Assertion
Overview Affected versions of this package are vulnerable to Reachable Assertion via the ngapbuilddownlinknastransport function in the Access and Mobility Management Function AMF component. An attacker can cause the process to terminate unexpectedly by repeatedly sending UE connect and disconnect...
CVE-2025-52288
Assertion failure in function ngapbuilddownlinknastransport in file src/amf/ngap-build.c, the Access and Mobility Management Function AMF component, in Open5GS thru 2.7.5 allowing attackers to cause a denial of service or other unspecified impacts via repeated UE connect and disconnect message...
PT-2025-36506
Name of the Vulnerable Software and Affected Versions: Open5GS versions through 2.7.5 Description: An assertion failure in the ngap build downlink nas transport function within the src/amf/ngap-build.c file, part of the Access and Mobility Management Function AMF component, can lead to a denial o...
CVE-2025-52288
Assertion failure in function ngapbuilddownlinknastransport in file src/amf/ngap-build.c, the Access and Mobility Management Function AMF component, in Open5GS thru 2.7.5 allowing attackers to cause a denial of service or other unspecified impacts via repeated UE connect and disconnect message...
Sni5Gect: a Practical Approach to Inject aNRchy into 5G NR
In this paper, the authors propose and design SNI5GECT – a framework that sniffs messages from pre-authentication 5G communication in real-time and injects targeted attack payload in downlink communication towards the UE...
Open5GS has an unspecified vulnerability (CNVD-2025-18568)
Open5GS is Open5GS open source an open source implementation in C of 5G Core and Epc, the core network of the Lte/Nr network. Open5GS suffers from a security vulnerability that can be exploited by an attacker to cause reachable assertions via the function ngapbuilddownlinknastransport in the...
CVE-2025-8804
A vulnerability was found in Open5GS up to 2.7.5. Affected by this vulnerability is the function ngapbuilddownlinknastransport of the component AMF. The manipulation leads to reachable assertion. The attack can be launched remotely. The exploit has been disclosed to the public and may be used...
CVE-2025-8804
A vulnerability was found in Open5GS up to 2.7.5. Affected by this vulnerability is the function ngapbuilddownlinknastransport of the component AMF. The manipulation leads to reachable assertion. The attack can be launched remotely. The exploit has been disclosed to the public and may be used...
CVE-2025-8804 Open5GS AMF ngap_build_downlink_nas_transport assertion
A vulnerability was found in Open5GS up to 2.7.5. Affected by this vulnerability is the function ngapbuilddownlinknastransport of the component AMF. The manipulation leads to reachable assertion. The attack can be launched remotely. The exploit has been disclosed to the public and may be used...
CVE-2025-8804 Open5GS AMF ngap_build_downlink_nas_transport assertion
A vulnerability was found in Open5GS up to 2.7.5. Affected by this vulnerability is the function ngapbuilddownlinknastransport of the component AMF. The manipulation leads to reachable assertion. The attack can be launched remotely. The exploit has been disclosed to the public and may be used...
CVE-2025-8804
Open5GS up to version 2.7.5 is affected. The vulnerability lies in the ngap_build_downlink_nas_transport function in the AMF component, which can lead to a reachable assertion. The issue can be exploited remotely, and public disclosure of exploits is noted. The approved fix is to upgrade to versi...
CVE-2025-8804 Open5GS AMF ngap_build_downlink_nas_transport assertion
A vulnerability was found in Open5GS up to 2.7.5. Affected by this vulnerability is the function ngapbuilddownlinknastransport of the component AMF. The manipulation leads to reachable assertion. The attack can be launched remotely. The exploit has been disclosed to the public and may be used...
Open5GS 安全漏洞
Open5GS is Open5GS open source an open source implementation in C of 5G Core and Epc, the core network of the Lte/Nr network. Open5GS suffers from a security vulnerability that can be exploited by an attacker to cause reachable assertions via the function ngapbuilddownlinknastransport in the...
PT-2025-32478 · Open5Gs · Open5Gs
Name of the Vulnerable Software and Affected Versions: Open5GS versions up to 2.7.5 Description: A vulnerability has been identified in Open5GS, classified as problematic. The vulnerability affects the ngap build downlink nas transport function within the AMF component. Manipulation of this...
CVE-2025-24798
Meshtastic is an open source mesh networking solution. From 1.2.1 until 2.6.2, a packet sent to the routing module that contains wantresponse==true causes a crash. This can lead to a degradation of service for nodes within range of a malicious sender, or via MQTT if downlink is enabled. This...
CVE-2019-2271
Buffer over read can happen while parsing downlink session management OTA messages if network sends un-intended values in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in...
CVE-2022-40504
Transient DOS due to reachable assertion in Modem when UE received Downlink Data Indication message from the network...
CVE-2024-45038 Device crash via malformed MQTT packet when downlink is enabled in Meshtastic device firmware
Meshtastic device firmware is a firmware for meshtastic devices to run an open source, off-grid, decentralized, mesh network built to run on affordable, low-power devices. Meshtastic device firmware is subject to a denial of serivce vulnerability in MQTT handling, fixed in version 2.4.1 of the...