Description
Ella Core is a 5G core designed for private networks. Prior to version 1.8.0, Ella Core panics when processing a NGAP handover failure message. An attacker able to cause a gNodeB to send NGAP handover failure messages to Ella Core can crash the process, causing service disruption for all connected subscribers. This issue has been patched in version 1.8.0.
Published: 2026-04-02
Score: 5.8 Medium
EPSS: < 1% Very Low
KEV: No
Impact: Denial of Service
Action: Apply Patch
AI Analysis

Impact

Ella Core’s NGAP handover failure handling contains a null pointer dereference that causes the application to panic. Exploitation allows an attacker who can induce a gNodeB to send NGAP handover failure messages to cause a crash, denying all connected subscribers access to network services.

Affected Systems

Affected vendor is Ella Networks; product is Ella Core. All versions prior to 1.8.0 are vulnerable. The issue was fixed in release 1.8.0 and later.

Risk and Exploitability

The CVSS score of 5.8 indicates moderate severity. The EPSS score is below 1%, suggesting a low likelihood of exploitation. The flaw is not listed in CISA’s KEV catalog. Attackers would need the ability to influence gNodeB behavior to send NGAP handover failure messages, with no official workaround available other than patching.

Generated by OpenCVE AI on April 7, 2026 at 23:02 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade Ella Core to version 1.8.0 or later.
  • Verify all instances are running the patched version.

Generated by OpenCVE AI on April 7, 2026 at 23:02 UTC.

Tracking

Sign in to view the affected projects.

Advisories
Source ID Title
Github GHSA Github GHSA GHSA-6gm8-3g4h-w82m Ella Core Panics Upon NGAP handover failure
History

Tue, 07 Apr 2026 18:00:00 +0000

Type Values Removed Values Added
First Time appeared Ellanetworks ella Core
CPEs cpe:2.3:a:ellanetworks:ella_core:*:*:*:*:*:*:*:*
Vendors & Products Ellanetworks ella Core

Fri, 03 Apr 2026 16:30:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Fri, 03 Apr 2026 10:15:00 +0000

Type Values Removed Values Added
First Time appeared Ellanetworks
Ellanetworks core
Vendors & Products Ellanetworks
Ellanetworks core

Thu, 02 Apr 2026 20:30:00 +0000

Type Values Removed Values Added
Description Ella Core is a 5G core designed for private networks. Prior to version 1.8.0, Ella Core panics when processing a NGAP handover failure message. An attacker able to cause a gNodeB to send NGAP handover failure messages to Ella Core can crash the process, causing service disruption for all connected subscribers. This issue has been patched in version 1.8.0.
Title Ella Core Panics Upon NGAP handover failure
Weaknesses CWE-476
References
Metrics cvssV3_1

{'score': 5.8, 'vector': 'CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:N/I:N/A:H'}

Subscriptions

Ellanetworks Core Ella Core
cve-icon MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published:

Updated: 2026-04-03T15:43:40.050Z

Reserved: 2026-03-30T19:17:10.225Z

Link: CVE-2026-34761

cve-icon Vulnrichment

Updated: 2026-04-03T15:43:34.738Z

cve-icon NVD

Status : Analyzed

Published: 2026-04-02T20:16:25.747

Modified: 2026-04-07T16:51:35.653

Link: CVE-2026-34761

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-04-08T19:55:23Z

Weaknesses