open5gs v2.6.4 is vulnerable to Buffer Overflow. via /lib/core/abts.c.
The vulnerability consists of a buffer overflow (out-of-bounds write, CWE-787, CWE-120) in the Open5GS core library module — specifically in the abts.c file. An attacker can provide specially crafted input data that exceeds the boundaries of an allocated buffer in memory. The attack is possible remotely, without authentication and without user interaction, which significantly increases its criticality.
Successful exploitation of this vulnerability may enable an attacker to execute arbitrary code remotely (RCE), take control of the system, and compromise the confidentiality, integrity, and availability of the entire 5G/LTE network node.
A patch available in the project repository should be applied — commit 2f8ae91b0b9467f94f128090c88cae91bd73e008 available on GitHub open5gs/open5gs. It is recommended to update to a version containing the indicated patch in accordance with manufacturer references.
Open5GS version 2.6.4
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HOpen5gs
APPOpen5Gs2.6.4
Related vulnerabilities
Buffer Overflow w Open5GS v2.6.4 — podatność krytyczna w module PFCP
A request-validation issue was discovered in Open5GS 2.1.3 through 2.2.x before 2.2.1. The WebUI component all...
An issue was discovered in Open5GS 2.7.5-49-g465e90f, when processing a PFCP Session Establishment Request (ty...
In Open5GS 2.7.6, AMF crashes when receiving an abnormal NGSetupRequest message, resulting in denial of servic...
Reachable Assertion vulnerability in Open5GS up to version 2.7.6 allows attackers with connectivity to the NRF...