PT-2026-36167 · Open5Gs · Open5Gs
Published
2026-04-30
·
Updated
2026-05-01
·
CVE-2025-56568
CVSS v3.1
7.5
High
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
Name of the Vulnerable Software and Affected Versions
Open5GS versions prior to 2.7.5
Description
An assertion failure in the PCO (Protocol Configuration Options) parser within the SMF (Session Management Function) component allows remote attackers to cause a denial of service. This occurs when the system processes specially crafted NGAP messages that contain malformed length fields in the protocol configuration data.
Recommendations
Update to version 2.7.5 or later.
Fix
DoS
Assertion Failure
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Open5Gs