Open5GS has an unspecified vulnerability (CNVD-2025-03161)

Open5GS is Open5GS open source an open source implementation in C of 5G Core and Epc, the core network of the Lte/Nr network. Open5GS suffers from a security vulnerability that can be exploited by an attacker to send an "E-RAB Setup Response" message that lacks the required mmeues1apid' field to...

CVE-2023-37003

Open5GS MME versions = 2.6.4 contain an assertion that can be remotely triggered via a malformed ASN.1 packet over the S1AP interface. An attacker may send an E-RAB Setup Response message missing a required MMEUES1APID field to repeatedly crash the MME, resulting in denial of service...