PT-2026-3405 · Open5Gs · Open5Gs
Frankylin
·
Published
2026-01-18
·
Updated
2026-02-10
·
CVE-2025-15539
CVSS v3.1
7.5
High
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
Name of the Vulnerable Software and Affected Versions
Open5GS versions through 2.7.6
Description
A flaw exists in Open5GS that can lead to a denial of service. The issue is located in the
sgwc s11 handle downlink data notification ack function within the src/sgwc/s11-handler.c file of the sgwc component. The attack can be initiated remotely and has been publicly disclosed.Recommendations
Deploy the patch b4707272c1caf6a7d4dca905694ea55557a0545f.
Exploit
Fix
DoS
Improper Resource Release
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Open5Gs