CVE-2026-4988
⚪ Do wiadomości
Błąd w Open5GS umożliwia zdalne wywołanie odmowy usługi.
CVSS
3.7
EPSS
0.1%
Exploit
poc
Vendor
open5gs
Opis źródłowy (NVD)
A security flaw has been discovered in Open5GS 2.7.6. This issue affects the function smf_gx_cca_cb/smf_gy_cca_cb/smf_s6b of the component CCA Message Handler. The manipulation results in denial of service. The attack may be launched remotely. Attacks of this nature are highly complex. The exploitability is assessed as difficult. The exploit has been released to the public and may be used for attacks.
dos exploit
Brak patcha
Źródła i daty
| Źródło | Wartość |
|---|---|
| NVD – CVSS | 3.7 |
| CISA KEV (aktywnie wykorzystywane) | Nie |
| FIRST EPSS (prawdopodobieństwo exploita) | 0.1% |
| Opublikowano (NVD) | 2026-03-27 22:16:23 UTC |
| Ostatnia modyfikacja (NVD) | 2026-03-30 17:17:07 UTC |
Referencje
- https://github.com/open5gs/open5gs/ (cna@vuldb.com) [Product]
- https://github.com/open5gs/open5gs/issues/4342 (cna@vuldb.com) [Exploit, Issue Tracking]
- https://github.com/open5gs/open5gs/issues/4342#issue-4021772232 (cna@vuldb.com) [Issue Tracking]
- https://vuldb.com/?ctiid.353875 (cna@vuldb.com) [Permissions Required, VDB Entry]
- https://vuldb.com/?id.353875 (cna@vuldb.com) [Third Party Advisory, VDB Entry]
- https://vuldb.com/?submit.771349 (cna@vuldb.com) [Exploit, Third Party Advisory, VDB Entry]