Microsoft · Azure Private 5G Core · CVE-2024-20685
**Name of the Vulnerable Software and Affected Versions**
Microsoft Azure Private 5G Core (affected versions not specified)
**Description**
The issue is related to improper input validation in the InitialUEMessage processing, which can lead to a denial-of-service condition. This can be exploited by a remote attacker to cause service outages. The vulnerability is due to errors in handling the length of input data in messages. There is no information about the estimated number of potentially affected devices worldwide or real-world incidents where this issue was exploited.
**Recommendations**
At the moment, there is no information about a newer version that contains a fix for this vulnerability.