PT-2026-45430 · Undefined · Undefined
Minamikotor1
+1
·
Published
2026-06-01
·
Updated
2026-06-01
·
CVE-2026-37220
CVSS v3.1
7.5
High
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
FlexRIC v2.0.0 crashes when an SCTP association is closed before an E2 SETUP REQUEST is sent. The near-RT RIC assumes a mapping between SCTP association and E2 node always exists in the cleanup path and enforces this via assert(). A remote unauthenticated attacker can crash the near-RT RIC (port 36421) by simply completing an SCTP handshake and immediately disconnecting, without sending any E2AP message.
Exploit
Fix
Assertion Failure
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Undefined