Lucene search
K

10 matches found

RedhatCVE
RedhatCVE
added 2026/06/05 7:30 p.m.14 views

CVE-2026-42081

free5GC is an open-source implementation of the 5G core network. Prior to 4.2.2, the AMF in Free5GC does not verify the UE Security Capabilities received in NGAP PathSwitchRequest messages against its locally stored values, as mandated by 3GPP TS 33.501 §6.7.3.1. A malicious gNB can overwrite the...

7.1CVSS5.5AI score0.00266EPSS
Exploits1References1
NVD
NVD
added 2026/05/27 5:16 p.m.26 views

CVE-2026-42081

free5GC is an open-source implementation of the 5G core network. Prior to 4.2.2, the AMF in Free5GC does not verify the UE Security Capabilities received in NGAP PathSwitchRequest messages against its locally stored values, as mandated by 3GPP TS 33.501 §6.7.3.1. A malicious gNB can overwrite the...

7.1CVSS0.00266EPSS
Exploits1References1
CVE
CVE
added 2026/05/27 3:59 p.m.22 views

CVE-2026-42081

CVE-2026-42081 — free5GC AMF UE Security Capabilities bypass (NGAP PathSwitchRequest) Affected software: free5GC AMF (prior to 4.2.2). What is vulnerable: The AMF does not verify UE security capabilities received in NGAP PathSwitchRequest against locally stored values, allowing a malicious gNB to...

7.1CVSS5.9AI score0.00266EPSS
Exploits1References1Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/05/27 3:59 p.m.14 views

CVE-2026-42081

free5GC is an open-source implementation of the 5G core network. Prior to 4.2.2, the AMF in Free5GC does not verify the UE Security Capabilities received in NGAP PathSwitchRequest messages against its locally stored values, as mandated by 3GPP TS 33.501 §6.7.3.1. A malicious gNB can overwrite the...

6.1CVSS5.9AI score0.00266EPSS
Exploits1References2Affected Software1
Vulnrichment
Vulnrichment
added 2026/05/27 3:59 p.m.11 views

CVE-2026-42081 free5GC: UE Security Capability bypass on NGAP PathSwitchRequest

free5GC is an open-source implementation of the 5G core network. Prior to 4.2.2, the AMF in Free5GC does not verify the UE Security Capabilities received in NGAP PathSwitchRequest messages against its locally stored values, as mandated by 3GPP TS 33.501 §6.7.3.1. A malicious gNB can overwrite the...

6.1CVSS5.9AI score0.00266EPSS
Exploits1References1
EUVD
EUVD
added 2026/05/27 3:59 p.m.10 views

EUVD-2026-32557

free5GC is an open-source implementation of the 5G core network. Prior to 4.2.2, the AMF in Free5GC does not verify the UE Security Capabilities received in NGAP PathSwitchRequest messages against its locally stored values, as mandated by 3GPP TS 33.501 §6.7.3.1. A malicious gNB can overwrite the...

6.1CVSS5.9AI score0.00266EPSS
Exploits1References1
Cvelist
Cvelist
added 2026/05/27 3:59 p.m.50 views

CVE-2026-42081 free5GC: UE Security Capability bypass on NGAP PathSwitchRequest

free5GC is an open-source implementation of the 5G core network. Prior to 4.2.2, the AMF in Free5GC does not verify the UE Security Capabilities received in NGAP PathSwitchRequest messages against its locally stored values, as mandated by 3GPP TS 33.501 §6.7.3.1. A malicious gNB can overwrite the...

6.1CVSS0.00266EPSS
Exploits1References1
Github Security Blog
Github Security Blog
added 2026/05/07 1:53 a.m.10 views

Free5GC AMF Bypasses UE Security Capabilities on NGAP PathSwitchRequest

Summary The AMF in Free5GC v4.2.1 does not verify the UE Security Capabilities received in NGAP PathSwitchRequest messages against its locally stored values, as mandated by 3GPP TS 33.501 §6.7.3.1. A malicious gNB can overwrite the AMF's stored UE security capabilities with arbitrary values, whic...

7.1CVSS5.9AI score0.00266EPSS
Exploits1References4Affected Software1
OSV
OSV
added 2026/05/07 1:53 a.m.6 views

GHSA-77X9-RF64-92GV Free5GC AMF Bypasses UE Security Capabilities on NGAP PathSwitchRequest

Summary The AMF in Free5GC v4.2.1 does not verify the UE Security Capabilities received in NGAP PathSwitchRequest messages against its locally stored values, as mandated by 3GPP TS 33.501 §6.7.3.1. A malicious gNB can overwrite the AMF's stored UE security capabilities with arbitrary values, whic...

6.1CVSS5.9AI score0.00266EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2026/05/07 12:0 a.m.11 views

PT-2026-38366

Name of the Vulnerable Software and Affected Versions free5GC versions prior to 4.2.2 Description The Access and Mobility Management Function AMF in free5GC fails to verify UE Security Capabilities received in NGAP PathSwitchRequest messages against locally stored values. This occurs within the...

7.1CVSS5.9AI score0.00266EPSS
Exploits1References6
Rows per page
Query Builder