Lucene search
Salim S.I, Richard Y Lin, Atlas Huang (CTOne/TrendMicro)ZDI-24-362HistoryApr 09, 2024 - 12:00 a.m.
Microsoft Azure Private 5G Core InitialUEMessage Improper Input Validation Denial-of-Service Vulnerability
2024-04-0900:00:00
Salim S.I, Richard Y Lin, Atlas Huang (CTOne/TrendMicro)
www.zerodayinitiative.com
19
denial-of-service
remote attack
microsoft azure
improper input validation
5g network
This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of Microsoft Azure Private 5G Core. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of InitialUEMessage messages. The issue results from improper length validation. An attacker can leverage this vulnerability to create a denial-of-service condition on the 5G network.
Related
vulnrichment
vulnrichment
CVE-2024-20685 Azure Private 5G Core Denial of Service Vulnerability
2024-04-09 17:00:34
cve
cve
CVE-2024-20685
2024-04-09 17:15:33
mscve
mscve
Azure Private 5G Core Denial of Service Vulnerability
2024-04-09 07:00:00
cvelist
cvelist
CVE-2024-20685 Azure Private 5G Core Denial of Service Vulnerability
2024-04-09 17:00:34
nvd
nvd
CVE-2024-20685
2024-04-09 17:15:33
trendmicroblog
trendmicroblog
Vulnerabilities in Cellular Packet Cores Part IV: Authentication
2024-09-18 00:00:00
kaspersky
kaspersky
KLA65507 Multiple vulnerabilities in Microsoft Azure
2024-04-09 00:00:00
rapid7blog
rapid7blog
Patch Tuesday - April 2024
2024-04-09 20:28:17