CVE-2026-25657

Published: Giu 05, 2026 Last Modified: Giu 05, 2026

ExploitDB:

Other exploit source:

Google Dorks:

HIGH 7,1

Source: 85b1779b-6ecd-4f52-bcc5-73eac4659dcf

Attack Vector: adjacent

Attack Complexity: low

Privileges Required: none

User Interaction: none

Confidentiality: N/A

Integrity: N/A

Availability: N/A

Description

AI Translation Available

Ericsson Packet Core Gateway (PCG) versions prior to 1.30 contain an Improper Handling of Syntactically Invalid Structure (CWE-228) vulnerability where an attacker continuously sending a specially crafted message can cause service degradation. The impact continues as long the attack persists but the system recovers from the crashes when the attack stops.

228

Improper Handling of Syntactically Invalid Structure

Incomplete

Abstraction: Class Structure: Simple

Common Consequences

Security Scopes Affected:

Integrity Availability

Potential Impacts:

Unexpected State Dos: Crash, Exit, Or Restart Dos: Resource Consumption (Cpu)

Applicable Platforms

All platforms may be affected

View CWE Details

https://www.ericsson.com/en/about-us/security/psirt/cve-202…

https://www.ericsson.com/en/about-us/security/psirt/cve-2026-25657

CVE-2026-25657

Description

Improper Handling of Syntactically Invalid Structure

Common Consequences

Applicable Platforms

Iscriviti alla newsletter