CVE-2025-41068

Опубликовано: 27 окт. 2025

Источник: nvd

CVSS3: 7.5

EPSS Низкий

Описание

Reachable Assertion vulnerability in Open5GS up to version 2.7.6 allows attackers with connectivity to the NRF to cause a denial of service. This is achieved by sending the creation of an NF with an invalid type via SBI and then requesting its data. The NRF executes a check that crashes the process, leaving the discovery service unresponsive.

Ссылки

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:open5gs:open5gs:*:*:*:*:*:*:*:*

Версия до 2.7.5 (исключая)

EPSS

Процентиль: 19%

0.00059

Низкий

7.5 High

CVSS3

Дефекты

CWE-617

Связанные уязвимости

CVE-2025-41068

CVSS3: 7.5

debian

3 месяца назад

Reachable Assertion vulnerability in Open5GS up to version 2.7.6 allow ...

GHSA-8w5q-7h44-9vh9

CVSS3: 7.5

github

3 месяца назад

Reachable Assertion vulnerability in Open5GS up to version 2.7.5 allows attackers with connectivity to the NRF to cause a denial of service. This is achieved by sending the creation of an NF with an invalid type via SBI and then requesting its data. The NRF executes a check that crashes the process, leaving the discovery service unresponsive.

EPSS

Процентиль: 19%

0.00059

Низкий

7.5 High

CVSS3

Дефекты

CWE-617