PT-2025-52484 · Open5Gs · Open5Gs
Ziyulin
·
Published
2025-12-19
·
Updated
2025-12-28
·
CVE-2025-14954
CVSS v3.1
5.9
Medium
| Vector | AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H |
Name of the Vulnerable Software and Affected Versions
Open5GS versions up to 2.7.5
Description
A flaw exists in Open5GS related to assertions within the
ogs pfcp pdr find or add, ogs pfcp far find or add, ogs pfcp urr find or add, and ogs pfcp qer find or add functions located in the lib/pfcp/context.c file, specifically within the QER/FAR/URR/PDR component. This issue is remotely exploitable and has a high complexity rating, though exploitability is considered difficult. The exploit details have been publicly disclosed.Recommendations
Apply the patch with identifier 442369dcd964f03d95429a6a01a57ed21f7779b7.
Exploit
Fix
Assertion Failure
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Open5Gs