CVE-2025-15532

EUVD-2026-3137
A security flaw has been discovered in Open5GS up to 2.7.5. This issue affects some unknown processing of the component Timer Handler. The manipulation results in resource consumption. The attack may be performed from remote. The exploit has been released to the public and may be used for attacks. The patch is identified as c7c131f8d2cb1195ada5e0e691b6868ebcd8a845. It is best practice to apply a patch to resolve this issue.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
5.3 MEDIUM
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
VulDBCNA
5.3 MEDIUM
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C
Base Score
CVSS 3.x
EPSS Score
Percentile: 36%
Affected Products (NVD)
VendorProductVersion
open5gsopen5gs
𝑥
≤ 2.7.5
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://github.com/open5gs/open5gs/
https://github.com/open5gs/open5gs/commit/c7c131f8d2cb1195ada5e0e691b6868ebcd8a845
https://github.com/open5gs/open5gs/issues/4220
https://github.com/open5gs/open5gs/issues/4220#issue-3766066853
https://github.com/open5gs/open5gs/issues/4221
https://vuldb.com/?ctiid.341599
https://vuldb.com/?id.341599
https://vuldb.com/?submit.729354
https://vuldb.com/?submit.729357
https://vuldb.com/?submit.735340
https://vuldb.com/?submit.735341
https://vuldb.com/?submit.735342