Description
Assertion failure vulnerability in the PCO (Protocol Configuration Options) parser in the SMF (Session Management Function) component of Open5GS before v2.7.5 allows remote attackers to cause denial of service via specially crafted NGAP messages containing malformed length fields in protocol configuration data.
Published: 2026-04-30
Score: n/a
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

The flaw causes an assertion failure within the Protocol Configuration Options parser of the Session Management Function component, triggered by NGAP messages that carry malformed length fields for protocol configuration data; the result is an internal crash of the SMF service, leading to a denial of service for users relying on the affected network element.

Affected Systems

All Open5GS deployments that use the SMF component prior to the v2.7.5 release are susceptible, regardless of distribution channel or hosting environment.

Risk and Exploitability

Remote attackers who can reach the SMF over the NGAP interface can craft messages that exploit the parsing bug; the vulnerability is not currently listed in the CISA KEV catalog and EPSS information is unavailable, but the remote nature and potential to abort the SMF process imply a high risk of service disruption. No known public exploitation has been reported, yet the absence of a KEV listing does not mitigate the inherent vulnerability due to the ease with which the attack vector can be exercised over the network.

Generated by OpenCVE AI on May 2, 2026 at 00:25 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade Open5GS to version 2.7.5 or later where the PCO parser issue is resolved.
  • If an upgrade is delayed, restrict NGAP traffic to the SMF from trusted sources only using firewall or ACL rules to reduce the attack surface.
  • Monitor SMF logs for assertion failures or sudden restarts and alert operators if such events occur.
  • Apply any interim patches or security advisories released by the Open5GS community as soon as they become available.

Generated by OpenCVE AI on May 2, 2026 at 00:25 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Sat, 02 May 2026 00:45:00 +0000

Type Values Removed Values Added
Title Remote Denial of Service via Malformed NGAP Protocol Configuration Options in Open5GS SMF
Weaknesses CWE-20
CWE-682

Thu, 30 Apr 2026 22:45:00 +0000

Type Values Removed Values Added
First Time appeared Open5gs
Open5gs open5gs
Vendors & Products Open5gs
Open5gs open5gs

Thu, 30 Apr 2026 20:00:00 +0000

Type Values Removed Values Added
Description Assertion failure vulnerability in the PCO (Protocol Configuration Options) parser in the SMF (Session Management Function) component of Open5GS before v2.7.5 allows remote attackers to cause denial of service via specially crafted NGAP messages containing malformed length fields in protocol configuration data.
References

Subscriptions

Open5gs Open5gs
cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published:

Updated: 2026-04-30T19:37:56.159Z

Reserved: 2025-08-17T00:00:00.000Z

Link: CVE-2025-56568

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Deferred

Published: 2026-04-30T20:16:23.220

Modified: 2026-05-01T15:37:42.383

Link: CVE-2025-56568

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-05-02T00:30:16Z

Weaknesses