← back
CVE-2025-15531

Open5GS context.c sgwc_bearer_add assertion

CVSS 6.9 MEDIUMEPSS 0.7%CWE-617
Vexday Risk Score
13Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS 6.9EPSS 0.7%KEV nãoPoC Nuclei Metasploit Patch
Lifecycle
17 Jan 2026Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
A vulnerability was identified in Open5GS up to 2.7.5. This vulnerability affects the function sgwc_bearer_add of the file src/sgwc/context.c. The manipulation leads to reachable assertion. The attack is possible to be carried out remotely. The exploit is publicly available and might be used. The issue report is flagged as already-fixed.
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P
Affected products
n/a · Open5GS

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://github.com/open5gs/open5gs/https://github.com/open5gs/open5gs/issues/4233https://github.com/open5gs/open5gs/issues/4233#issue-3776216182https://vuldb.com/?ctiid.341598https://vuldb.com/?id.341598https://vuldb.com/?submit.729339