PT-2026-31326 · Unknown · Openairinterface
Tasnim Alam
·
Published
2026-04-08
·
Updated
2026-04-13
·
CVE-2026-30080
CVSS v3.1
7.5
High
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N |
Name of the Vulnerable Software and Affected Versions
OpenAirInterface version 2.2.0
Description
OpenAirInterface version 2.2.0 allows Security Mode Complete without integrity protection. Despite supporting integrity protection configurations (NIA1 and NIA2), the system accepts initial registration requests with only security capability IA0. This security downgrade can enable replay attacks.
Recommendations
Update to a newer version that contains a fix for this vulnerability.
Exploit
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Openairinterface