PT-2025-52483 · Open5Gs · Open5Gs

·

CVE-2025-14953

·

Published

2025-12-19

·

Updated

2025-12-24

CVSS v3.1

5.3

Medium

VectorAV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions Open5GS versions up to 2.7.5
Description A flaw exists in Open5GS impacting the ogs pfcp handle create pdr function within the lib/pfcp/handler.c library of the FAR-ID Handler component. This can lead to a null pointer dereference, potentially allowing for remote exploitation. The exploitability is considered difficult and requires a high level of complexity. The exploit has been published.
Recommendations Implement patch 93a9fd98a8baa94289be3b982028201de4534e32.

Exploit

Fix

Improper Resource Release

NULL Pointer Dereference

Found an issue in the description? Have something to add? Feel free to write us 👾

Weakness Enumeration

Related Identifiers

CVE-2025-14953

Affected Products

Open5Gs