Lucene search
K

6 matches found

Cvelist
Cvelist
added 2026/05/27 3:59 p.m.48 views

CVE-2026-42081 free5GC: UE Security Capability bypass on NGAP PathSwitchRequest

free5GC is an open-source implementation of the 5G core network. Prior to 4.2.2, the AMF in Free5GC does not verify the UE Security Capabilities received in NGAP PathSwitchRequest messages against its locally stored values, as mandated by 3GPP TS 33.501 §6.7.3.1. A malicious gNB can overwrite the...

6.1CVSS0.00266EPSS
Exploits1References1
CVE
CVE
added 2026/05/27 3:15 p.m.19 views

CVE-2026-44475

CVE-2026-44475 affects Ella Core (private 5G core). Prior to version 1.10.0, the PathSwitchRequest handling does not verify UE Security Capabilities against locally stored values, allowing a malicious gNB to overwrite a UE’s security capabilities with arbitrary values via a crafted PathSwitchRequ...

6.1CVSS5.9AI score0.00148EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.7 views

Ella Core 安全特征问题漏洞

Ella Core is an open-source solution developed by Ella Networks for use in private networks as a 5G core network solution. Versions of Ella Core prior to 1.10.0 contained security feature vulnerabilities. These vulnerabilities stemmed from an unvalidated check to ensure that the UE security...

6.1CVSS5.8AI score0.00148EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.8 views

free5GC 安全漏洞

free5GC is an open-source project for the 5th generation 5G mobile core network. Versions of free5GC prior to 4.2.2 contained security vulnerabilities. These vulnerabilities stemmed from AMF’s failure to verify the UE security capabilities in NGAP PathSwitchRequest messages. This could allow...

7.1CVSS5.8AI score0.00266EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2026/05/11 12:0 a.m.14 views

PT-2026-39669

Name of the Vulnerable Software and Affected Versions Ella Core versions prior to 1.10.0 Description Ella Core, a 5G core for private networks, fails to verify UE Security Capabilities received in NGAP 'PathSwitchRequest' messages against locally stored values. This allows a malicious gNB to...

6.1CVSS6AI score0.00148EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2026/05/07 12:0 a.m.11 views

PT-2026-38366

Name of the Vulnerable Software and Affected Versions free5GC versions prior to 4.2.2 Description The Access and Mobility Management Function AMF in free5GC fails to verify UE Security Capabilities received in NGAP PathSwitchRequest messages against locally stored values. This occurs within the...

7.1CVSS5.9AI score0.00266EPSS
Exploits1References6
Rows per page
Query Builder