Description
A flaw has been found in Open5GS 2.7.6. The impacted element is the function mme_s11_handle_create_session_response of the component MME. This manipulation causes denial of service. The attack can be initiated remotely. The exploit has been published and may be used. The project was informed of the problem early through an issue report but has not responded yet.
Published: 2026-02-16
Score: 6.9 Medium
EPSS: < 1% Very Low
KEV: No
Impact: Denial of Service
Action: Assess Impact
AI Analysis

Impact

The vulnerability resides in the mme_s11_handle_create_session_response function of the MME component in Open5GS version 2.7.6. An attacker can manipulate responses to this function, triggering a resource exhaustion condition that causes the MME process to crash, resulting in a denial of service. The weakness is identified as a resource management flaw (CWE‑404).

Affected Systems

The affected system is Open5GS MME version 2.7.6. No other vendors or product versions are currently impacted according to the available data.

Risk and Exploitability

The CVSS score of 6.9 indicates moderate severity. The EPSS score of less than 1% suggests that the probability of this vulnerability being exploited in the wild is low, and the vulnerability is not currently listed in the CISA KEV catalog. However, the description confirms that an exploit has already been published and is potentially available for use. The attack can be launched remotely, implying that the attacker does not need local access. Given the moderate severity and the low exploitation likelihood, the overall risk is moderate but could be elevated if an attacker obtains access to the network segment that communicates with the MME's S11 interface.

Generated by OpenCVE AI on April 17, 2026 at 19:18 UTC.

Remediation

No vendor fix or workaround is currently provided.

OpenCVE Recommended Actions

  • Verify whether an official patch or newer version of Open5GS that addresses the issue is available and apply it as soon as possible.
  • If no patch is released, isolate the MME component from untrusted network traffic by configuring the S11 interface to accept connections only from trusted peers or by implementing strict firewall rules.
  • Continuously monitor MME logs for repeated crashes or abnormal traffic patterns that may indicate an ongoing denial‑of‑service attempt, and consider implementing rate‑limiting or temporary service throttling to mitigate impact until a patch is applied.

Advisories

No advisories yet.

History

Mon, 23 Feb 2026 10:30:00 +0000

Type Values Removed Values Added
CPEs cpe:2.3:a:open5gs:open5gs:*:*:*:*:*:*:*:*

Wed, 18 Feb 2026 19:15:00 +0000

Type Values Removed Values Added
CPEs cpe:2.3:a:open5gs:open5gs:2.7.6:*:*:*:*:*:*:*

Tue, 17 Feb 2026 18:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'poc', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Mon, 16 Feb 2026 12:15:00 +0000

Type Values Removed Values Added
First Time appeared Open5gs
Open5gs open5gs
Vendors & Products Open5gs
Open5gs open5gs

Mon, 16 Feb 2026 01:00:00 +0000

Type Values Removed Values Added
Description A flaw has been found in Open5GS 2.7.6. The impacted element is the function mme_s11_handle_create_session_response of the component MME. This manipulation causes denial of service. The attack can be initiated remotely. The exploit has been published and may be used. The project was informed of the problem early through an issue report but has not responded yet.
Title Open5GS MME mme_s11_handle_create_session_response denial of service
Weaknesses CWE-404
References
Metrics cvssV2_0

{'score': 5, 'vector': 'AV:N/AC:L/Au:N/C:N/I:N/A:P/E:POC/RL:ND/RC:UR'}

cvssV3_0

{'score': 5.3, 'vector': 'CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:P/RL:X/RC:R'}

cvssV3_1

{'score': 5.3, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:P/RL:X/RC:R'}

cvssV4_0

{'score': 6.9, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P'}


MITRE

Status: PUBLISHED

Assigner: VulDB

Published:

Updated: 2026-02-23T10:03:11.209Z

Reserved: 2026-02-15T08:41:50.937Z

Link: CVE-2026-2524

Vulnrichment

Updated: 2026-02-17T17:15:53.542Z

NVD

Status: Analyzed

Published: 2026-02-16T01:15:54.000

Modified: 2026-02-18T19:07:38.287

Link: CVE-2026-2524

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-04-17T19:30:15Z
