CVE-2026-8743

CVSS v2.0

6.5

Medium

Vector

AV:N/AC:L/Au:S/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions Open5GS versions prior to 2.7.7

Description An improper authorization issue exists in the AMF/MME component within the ran ue find by amf ue ngap id() function of the src/amf/context.c file. This flaw allows a remote attacker to perform a manipulation that results in improper authorization.

Recommendations Install patch 5746b8576cfceec18ed87eb7d8cf11b1fb4cd8b1. As a temporary workaround, restrict access to the ran ue find by amf ue ngap id() function to minimize the risk of exploitation.

Exploit

Fix

Improper Authorization

Incorrect Privilege Assignment

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-285CWE-266

Related Identifiers

CVE-2026-8743

Affected Products

Open5Gs

CVE-2026-8743

Weakness Enumeration

Related Identifiers

Affected Products

References · 11