Open5gs Security Vulnerabilities (CVEs)
Track 77 security vulnerabilities affecting Open5gs products and software. Get instant email alerts when new CVEs are discovered, automated security monitoring, and patch guidance.
Open5GS MME versions up to 2.6.4 contain a remotely triggerable assertion vulnerability via malformed ASN.1 packets on the S1AP interface. Attackers c...
Jan 22, 2025This vulnerability allows remote attackers to cause denial of service by sending specially crafted S1AP packets to Open5GS MME servers. Attackers can ...
Jan 22, 2025Open5GS MME versions up to 2.6.4 contain a remotely triggerable assertion via malformed ASN.1 packets on the S1AP interface. Attackers can send UE Con...
Jan 22, 2025Open5GS MME versions up to 2.6.4 contain a remotely triggerable assertion via malformed S1AP packets. Attackers can send UE Context Modification Failu...
Jan 22, 2025Open5GS MME versions up to 2.6.4 contain a reachable assertion vulnerability in the UE Context Release Request packet handler. An attacker can send sp...
Jan 22, 2025CVE-2023-37023 is a denial-of-service vulnerability in Open5GS MME where specially crafted Uplink NAS Transport packets without the MME_UE_S1AP_ID fie...
Jan 22, 2025Open5GS MME versions up to 2.6.4 contain a remotely triggerable assertion via malformed ASN.1 packets on the S1AP interface. Attackers can send Handov...
Jan 22, 2025CVE-2023-37008 is a buffer overflow vulnerability in Open5GS MME's ASN.1 deserialization function that can cause type confusion during S1AP message pr...
Jan 22, 2025This vulnerability allows remote attackers to cause denial of service by sending specially crafted ASN.1 packets to Open5GS MME servers. Attackers can...
Jan 22, 2025Open5GS MME versions up to 2.6.4 contain a remotely triggerable assertion via malformed ASN.1 packets on the S1AP interface. Attackers can send Initia...
Jan 22, 2025CVE-2023-37013 is a denial-of-service vulnerability in Open5GS MME where attackers can send oversized ASN.1 packets over S1AP to trigger an assertion ...
Jan 22, 2025CVE-2023-37014 is a denial-of-service vulnerability in Open5GS MME where attackers can send malformed S1AP packets to crash the service. This affects ...
Jan 22, 2025This vulnerability allows remote attackers to cause denial of service in Open5GS MME by sending specially crafted ASN.1 packets over the S1AP interfac...
Jan 22, 2025This vulnerability allows remote attackers to cause denial of service in Open5GS MME by sending specially crafted ASN.1 packets over the S1AP interfac...
Jan 22, 2025This vulnerability in Open5GS allows attackers to trigger a reachable assertion in the amf_ue_set_suci function via crafted NAS packets, causing a Den...
Jan 21, 2025A reachable assertion vulnerability in Open5GS's 5GMM decoding function allows attackers to cause denial of service by sending specially crafted NGAP ...
Jan 21, 2025A denial-of-service vulnerability in Open 5GS allows remote attackers to disrupt PDU session establishment by targeting NFV components like UPF and SM...
Nov 12, 2024CVE-2024-40129 is a critical buffer overflow vulnerability in Open5GS v2.6.4's PFCP context handling that allows remote attackers to execute arbitrary...
Jul 16, 2024Open5GS v2.7.0 contains a vulnerability where an attacker can cause denial of service by sending 64 unsuccessful UE/gNB registration attempts. This af...
May 8, 2024Open5GS versions before 2.7.1 contain a reachable assertion vulnerability in the AMF component that can be triggered by sending specially crafted NAS ...
May 5, 2024This vulnerability in open5gs v2.6.6 allows attackers to crash the AMF (Access and Mobility Management Function) component by exploiting SIGPIPE signa...
Jan 2, 2024This CVE describes a denial-of-service vulnerability in Open5GS where an attacker can register a new Virtual Network Function (VNF) value that trigger...
Oct 3, 2023CVE-2023-23846 is a denial-of-service vulnerability in Open5GS GTP library where specially crafted GTPv1-U messages with zero-length extension headers...
Feb 1, 2023This vulnerability in Open5GS allows remote attackers to cause a Denial of Service (DoS) by sending a specially crafted SBI request to the AMF compone...
Apr 5, 2022A buffer overflow vulnerability in open5gs AMF component allows attackers to cause denial of service by sending specially crafted Supi messages with M...
Mar 29, 2022CVE-2021-45462 is a denial-of-service vulnerability in Open5GS 2.4.0 where a malicious User Equipment (UE) can send a specially crafted packet to cras...
Dec 23, 2021This vulnerability in Open5GS allows remote attackers to execute arbitrary code or cause denial of service via a buffer overflow. Attackers can exploi...
Oct 7, 2021Why Monitor Open5gs Security Vulnerabilities?
Real-time CVE tracking: Our automated system monitors 77+ known vulnerabilities affecting Open5gs products and software packages. Stay ahead of emerging threats with instant email notifications when new security issues are discovered.
Automated security monitoring: Unlike manual CVE checking, FixTheCVE automatically scans your servers and detects vulnerable Open5gs packages in under 60 seconds. No agents required - completely agentless scanning that works across Open5gs deployments.
Free vulnerability database: Access detailed information about every Open5gs CVE including CVSS scores, severity ratings, affected versions, and actionable patch guidance. Filter by critical, high, medium, or low severity to prioritize your security remediation efforts.
🚀 Get Started in 60 Seconds
- Register free account & add your servers
- Run one-time scan or schedule automatic monitoring (every 1-24 hours)
- Receive instant alerts when new Open5gs CVEs affect your systems
- Access dashboard with severity breakdown & fix instructions
