Vulnerability Details CVE-2026-30079
In OpenAirInterface V2.2.0 AMF, Out of sequence messages causes incorrect state transition during UE registration procedure. This allows authentication to be bypassed completely. If a SecurityModeComplete message is sent after InitialUERegistration, a registration reject is received followed by a registration accept! This leads the UE to be registered without proper authentication.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 20.4%
CVSS Severity
CVSS v3 Score 9.8
Products affected by CVE-2026-30079
-
cpe:2.3:a:openairinterface:oai-cn5g-amf:2.2.0