CVE-2025-14954

Published: Dic 19, 2025 Last Modified: Feb 24, 2026
ExploitDB:
Other exploit source:
Google Dorks:
MEDIUM 6,3
Source: [email protected]
Attack Vector: network
Attack Complexity: high
Privileges Required: none
User Interaction: none
Confidentiality: N/A
Integrity: N/A
Availability: N/A
LOW 3,7
Source: [email protected]
Attack Vector: network
Attack Complexity: high
Privileges Required: none
User Interaction: none
Scope: unchanged
Confidentiality: none
Integrity: none
Availability: low
LOW 2,6
Source: [email protected]
Access Vector: network
Access Complexity: high
Authentication: none
Confidentiality: none
Integrity: none
Availability: partial

Description

AI Translation Available

A vulnerability has been found in Open5GS up to 2.7.6. Affected is the function ogs_pfcp_pdr_find_or_add/ogs_pfcp_far_find_or_add/ogs_pfcp_urr_find_or_add/ogs_pfcp_qer_find_or_add in the library lib/pfcp/context.c of the component QER/FAR/URR/PDR. The manipulation leads to reachable assertion. It is possible to initiate the attack remotely. The attack's complexity is rated as high. The exploitability is told to be difficult. The exploit has been disclosed to the public and may be used. The identifier of the patch is 442369dcd964f03d95429a6a01a57ed21f7779b7. Applying a patch is the recommended action to fix this issue.

EPSS (Exploit Prediction Scoring System)

Trend Analysis

EPSS (Exploit Prediction Scoring System)

Prevede la probabilità di sfruttamento basata su intelligence sulle minacce e sulle caratteristiche della vulnerabilità.

EPSS Score
0,0009
Percentile
0,3th
Updated

EPSS Score Trend (Last 87 Days)

617

Reachable Assertion

Draft
Abstraction: Base Structure: Simple
Common Consequences
Security Scopes Affected:
Availability
Potential Impacts:
Dos: Crash, Exit, Or Restart
Applicable Platforms
Languages: C, Java, Not Language-Specific, Rust
View CWE Details
Application

Open5Gs by Open5Gs

Product Information
Vendor Open5Gs
Product Open5Gs
Version Range Affected
To 2.7.5 (inclusive)
cpe:2.3:a:open5gs:open5gs:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
https://github.com/open5gs/open5gs/
https://github.com/open5gs/open5gs/
https://github.com/open5gs/open5gs/commit/442369dcd964f03d9…
https://github.com/open5gs/open5gs/commit/442369dcd964f03d95429a6a01a57ed21f777…
https://github.com/open5gs/open5gs/issues/4181
https://github.com/open5gs/open5gs/issues/4181
https://github.com/open5gs/open5gs/issues/4181#issue-366706…
https://github.com/open5gs/open5gs/issues/4181#issue-3667069101
https://github.com/open5gs/open5gs/issues/4181#issuecomment…
https://github.com/open5gs/open5gs/issues/4181#issuecomment-3615646842
https://vuldb.com/?ctiid.337590
https://vuldb.com/?ctiid.337590
https://vuldb.com/?id.337590
https://vuldb.com/?id.337590
https://vuldb.com/?submit.716810
https://vuldb.com/?submit.716810