PT-2026-45454 · Undefined · Undefined
Jiadai Wang
+3
·
Published
2026-06-01
·
Updated
2026-06-01
·
CVE-2026-37224
CVSS v3.1
7.5
High
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
FlexRIC v2.0.0 crashes when receiving a duplicate E2 SETUP REQUEST from the same or spoofed E2 Node. The iApp registry enforces node ID uniqueness via assert() rather than graceful rejection. A remote unauthenticated attacker can crash the iApp process (port 36421) by sending two E2 SETUP REQUESTs with the same E2 node configuration, triggering SIGABRT.
Exploit
Fix
Assertion Failure
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Undefined