CVE-2023-37020

Name of the Vulnerable Software and Affected Versions Open5GS MME versions prior to 2.6.4

Description The issue allows an attacker to send a "UE Context Release Complete" message without the required MME UE S1AP ID field, which can cause the MME to crash repeatedly, resulting in denial of service. This can be achieved by sending a malformed ASN.1 packet over the S1AP interface.

Recommendations For versions prior to 2.6.4, update to version 2.6.4 or later to resolve the issue. As a temporary workaround, consider restricting access to the S1AP interface to minimize the risk of exploitation. Avoid processing UE Context Release Complete messages missing the MME UE S1AP ID field until the issue is resolved.