Description
An issue in Free5GC v.4.2.0 and before allows a remote attacker to cause a denial of service via the function HandleAuthenticationFailure of the component AMF
Published: 2026-03-24
Score: 7.5 High
EPSS: < 1% Very Low
KEV: No
Impact: Denial of Service
Action: Immediate Patch
AI Analysis

Impact

The vulnerability in Free5GC allows a remote attacker to trigger a denial of service by exploiting the HandleAuthenticationFailure function in the AMF component. This weakness permits an attacker to repeatedly provoke failures that overwhelm system resources, leading to unavailability of the AMF and potentially the entire network slice depending on the deployment. The flaw is classified as CWE-400, indicating a resource exhaustion weakness. The impact manifests as a service outage, affecting network availability and disrupting business services that rely on 5G connectivity.

Affected Systems

Free5GC versions 4.2.0 and earlier are affected. The issue is present in the AMF module of the Free5GC open source 5G core stack. No other vendors or product lines are listed as impacted.

Risk and Exploitability

The CVSS score of 7.5 places this vulnerability in the high-risk category. The EPSS score is not available, and the vulnerability is not listed in CISA’s KEV catalog, suggesting no known large-scale exploit but retaining a high potential for exploitation. The attack vector is remote, inferred from the description, and likely occurs over network interfaces that the AMF exposes. An attacker with network access could invoke authentication failure scenarios repeatedly, exhausting resources and causing downtime.

Generated by OpenCVE AI on March 24, 2026 at 21:49 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade Free5GC to a version newer than 4.2.0 to remediate the denial of service vulnerability.
  • If an immediate upgrade is not feasible, consider temporarily disabling the AMF service until a patch is applied to prevent exploitation.
  • Monitor system logs for repeated authentication failures that could indicate an ongoing attack or misconfiguration.

Advisories

No advisories yet.

History

Wed, 25 Mar 2026 22:00:00 +0000

Type | Values Removed | Values Added
Title | | Remote Denial of Service via Authentication Failure Handler in Free5GC AMF

Tue, 24 Mar 2026 20:15:00 +0000

Type | Values Removed | Values Added
Weaknesses | | CWE-400
Metrics | | ssvc: {'options': {'Automatable': 'yes', 'Exploitation': 'poc', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Tue, 24 Mar 2026 18:15:00 +0000

Type | Values Removed | Values Added
First Time appeared | | Free5gc; Free5gc free5gc
Weaknesses | | NVD-CWE-noinfo
CPEs | | cpe:2.3:a:free5gc:free5gc:*:*:*:*:*:*:*:*
Vendors & Products | | Free5gc; Free5gc free5gc
Metrics | | cvssV3_1: {'score': 7.5, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H'}

Tue, 24 Mar 2026 15:15:00 +0000

Type | Values Removed | Values Added
Description | | An issue in Free5GC v.4.2.0 and before allows a remote attacker to cause a denial of service via the function HandleAuthenticationFailure of the component AMF

References

MITRE

Status: PUBLISHED

Assigner: mitre

Published:

Updated: 2026-03-24T18:51:30.979Z

Reserved: 2026-03-04T00:00:00.000Z

Link: CVE-2026-30653

Vulnrichment

Updated: 2026-03-24T18:51:27.540Z

NVD

Status: Modified

Published: 2026-03-24T15:16:34.137

Modified: 2026-03-24T20:16:26.650

Link: CVE-2026-30653

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-03-25T20:40:49Z
