← voltar
CVE-2025-15532

Open5GS Timer resource consumption

CVSS 6.9 MEDIUMEPSS 1.0%CWE-400CWE-404
Vexday Risk Score
13Baixo
Decisão SSVC (CISA)
Track
Sem sinal de exploração → monitorar
CVSS 6.9EPSS 1.0%KEV nãoPoC Nuclei Metasploit Patch referenciado
Ciclo de vida
17 jan 2026Publicada no NVD
Recomendação: Monitorar — sem sinal de exploração no momento.
A security flaw has been discovered in Open5GS up to 2.7.5. This issue affects some unknown processing of the component Timer Handler. The manipulation results in resource consumption. The attack may be performed from remote. The exploit has been released to the public and may be used for attacks. The patch is identified as c7c131f8d2cb1195ada5e0e691b6868ebcd8a845. It is best practice to apply a patch to resolve this issue.
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P
Produtos afetados
n/a · Open5GS

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
https://github.com/open5gs/open5gs/https://github.com/open5gs/open5gs/commit/c7c131f8d2cb1195ada5e0e691b6868ebcd8a845https://github.com/open5gs/open5gs/issues/4220https://github.com/open5gs/open5gs/issues/4220#issue-3766066853https://github.com/open5gs/open5gs/issues/4221https://vuldb.com/?ctiid.341599https://vuldb.com/?id.341599https://vuldb.com/?submit.729354https://vuldb.com/?submit.729357https://vuldb.com/?submit.735340https://vuldb.com/?submit.735341https://vuldb.com/?submit.735342