Description

A vulnerability classified as problematic was found in Open5GS up to 2.7.3. Affected by this vulnerability is the function ngap_handle_path_switch_request_transfer of the file src/smf/ngap-handler.c of the component NGAP PathSwitchRequest Message Handler. The manipulation leads to reachable assertion. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The patch is named 2daa44adab762c47a8cef69cc984946973a845b3. It is recommended to apply a patch to fix this issue. In Open5GS bis 2.7.3 wurde eine problematische Schwachstelle entdeckt. Es geht um die Funktion ngap_handle_path_switch_request_transfer der Datei src/smf/ngap-handler.c der Komponente NGAP PathSwitchRequest Message Handler. Dank der Manipulation mit unbekannten Daten kann eine reachable assertion-Schwachstelle ausgenutzt werden. Der Angriff kann über das Netzwerk erfolgen. Der Exploit steht zur öffentlichen Verfügung. Der Patch wird als 2daa44adab762c47a8cef69cc984946973a845b3 bezeichnet. Als bestmögliche Massnahme wird Patching empfohlen.

Classification

CVE ID: CVE-2025-5501

CVSS Base Severity: MEDIUM

CVSS Base Score: 5.3

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

Affected Products

Vendor: n/a

Product: Open5GS

Exploit Prediction Scoring System (EPSS)

EPSS Score: 0.05% (probability of being exploited)

EPSS Percentile: 14.12% (scored less or equal to compared to others)

EPSS Date: 2025-06-08 (when was this score calculated)

References

https://nvd.nist.gov/vuln/detail/CVE-2025-5501
https://vuldb.com/?id.310915
https://vuldb.com/?ctiid.310915
https://vuldb.com/?submit.582265
https://github.com/open5gs/open5gs/issues/3909
https://github.com/open5gs/open5gs/issues/3909#issuecomment-2926682623
https://github.com/user-attachments/files/20362183/AMF.crash.due.to.pathswitchrequest.zip
https://github.com/open5gs/open5gs/commit/2daa44adab762c47a8cef69cc984946973a845b3

Timeline