Description
A vulnerability was found in Open5GS up to 2.7.7. Impacted is the function smf_nsmf_handle_create_sm_context of the component SMF. Performing a manipulation results in denial of service. Remote exploitation of the attack is possible. The exploit has been made public and could be used. The project was informed of the problem early through an issue report but has not responded yet.
Published: 2026-05-11
Score: 5.3 Medium
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

A flaw in the smf_nsmf_handle_create_sm_context routine of Open5GS's SMF component can be triggered through crafted input, crashing the SMF and resulting in a denial of service. The vulnerability is remotely exploitable, meaning an external adversary can trigger the crash from outside the controlled environment. The impact is limited to availability; there is no evidence of data disclosure or code execution.

Affected Systems

All installations of the Open5GS project using version 2.7.7 or earlier are vulnerable. The affected product is Open5GS SMF, which is used to manage user sessions in 5G core networks. No narrower version range is specified, so the standard practice is to assume all releases up to and including 2.7.7 are at risk.

Risk and Exploitability

The CVSS score of 5.3 indicates medium severity, while the EPSS score is not available and the vulnerability is not listed in CISA KEV. Remote exploitation is possible, and the existence of a public exploit suggests that opportunistic attackers could readily compromise the SMF control plane. The likely attack vector is a remote, unauthenticated network connection to the SMF endpoint; this is inferred from the description, since the exact path is not explicitly detailed.

Generated by OpenCVE AI on May 11, 2026 at 06:22 UTC.

Remediation

No vendor fix or workaround is currently provided.

OpenCVE Recommended Actions

  • Apply the latest Open5GS release that fixes the smf_nsmf_handle_create_sm_context function (e.g., 2.8.0 or newer).
  • If a patch or newer release is unavailable, replace the vulnerable SMF module with a community patch or fork that addresses the crash.
  • Implement firewall or network segmentation to restrict access to the SMF control plane so that only trusted, internal control plane nodes can reach its endpoints; block unauthenticated traffic from external sources.

Advisories

No advisories yet.

History

Mon, 11 May 2026 05:00:00 +0000

Values Removed: none
Values Added:
  Description: A vulnerability was found in Open5GS up to 2.7.7. Impacted is the function smf_nsmf_handle_create_sm_context of the component SMF. Performing a manipulation results in denial of service. Remote exploitation of the attack is possible. The exploit has been made public and could be used. The project was informed of the problem early through an issue report but has not responded yet.
  Title: Open5GS SMF smf_nsmf_handle_create_sm_context denial of service
  First Time appeared: Open5gs; Open5gs open5gs
  Weaknesses: CWE-404
  CPEs: cpe:2.3:a:open5gs:open5gs:*:*:*:*:*:*:*:*
  Vendors & Products: Open5gs; Open5gs open5gs
  References:
  Metrics:
    cvssV2_0: score 4, vector AV:N/AC:L/Au:S/C:N/I:N/A:P/E:POC/RL:ND/RC:UR
    cvssV3_0: score 4.3, vector CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:P/RL:X/RC:R
    cvssV3_1: score 4.3, vector CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:P/RL:X/RC:R
    cvssV4_0: score 5.3, vector CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P


MITRE

Status: PUBLISHED

Assigner: VulDB

Published:

Updated: 2026-05-11T03:30:09.172Z

Reserved: 2026-05-10T15:44:31.588Z

Link: CVE-2026-8269

Vulnrichment

No data.

NVD

Status: Undergoing Analysis

Published: 2026-05-11T05:16:15.350

Modified: 2026-05-11T15:10:16.663

Link: CVE-2026-8269

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-05-11T06:30:29Z

Weaknesses