PT-2025-52490 · Open5Gs · Open5Gs
Ziyulin
·
Published
2025-12-19
·
Updated
2025-12-24
·
CVE-2025-14955
CVSS v3.1
3.7
Low
| Vector | AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L |
Name of the Vulnerable Software and Affected Versions
Open5GS versions prior to 2.7.5
Description
A flaw exists within Open5GS, specifically in the
ogs pfcp handle create pdr function located in the lib/pfcp/handler.c library of the PFCP component. This issue involves improper initialization and can be exploited remotely. The complexity of exploitation is considered high, and it appears to be difficult to execute. The exploit has been publicly released.Recommendations
Apply patch 773117aa5472af26fc9f80e608d3386504c3bdb7.
Exploit
Fix
Improper Initialization
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Open5Gs