CVE-2026-32320

Name of the Vulnerable Software and Affected Versions Ella Core versions prior to 1.5.1

Description Ella Core is a 5G core designed for private networks. The software experiences a panic, leading to a denial of service, when processing a PathSwitchRequest containing UE Security Capabilities with zero-length NR encryption or integrity protection algorithm bitstrings. An attacker capable of sending crafted NGAP messages to Ella Core can disrupt service for all connected subscribers. No authentication is required for exploitation. The issue stems from a lack of length validation on NR algorithm bitstrings before they are accessed within the PathSwitchRequest handler.

Recommendations Versions prior to 1.5.1 should be updated to version 1.5.1 or later.