NewsSecurity Vulnerabilities

Open5GS denial of service vulnerability (CVE-2026-7535)

CVE number = CVE-2026-7535

A vulnerability was found in Open5GS up to 2.7.7.

This affects the function amf_namf_comm_handle_registration_status_update_request in the library /lib/app/ogs-init.c of the file /namf-comm/v1/ue-contexts/{ueContextId}/transfer-update.

Performing a manipulation of the argument ueContextId results in denial of service.

The attack can be initiated remotely.

The exploit has been made public and could be used.

Further details – https://github.com/open5gs/open5gs/issues/4399

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.