Free5gc: Security Vulnerabilities
Buffer Overflow vulnerability in free5gc 3.3.0 allows attackers to cause a denial of service via crafted PFCP message with malformed PFCP Heartbeat message whose Recovery Time Stamp IE length is mutated to zero.
CVSS Score
7.5
EPSS Score
0.002
Published
2023-11-15
Buffer Overflow vulnerability in free5gc 3.3.0 allows attackers to cause a denial of service via crafted PFCP messages whose Sequence Number is mutated to overflow bytes.
CVSS Score
7.5
EPSS Score
0.001
Published
2023-11-15
Buffer Overflow vulnerability in free5gc 3.3.0, UPF 1.2.0, and SMF 1.2.0 allows attackers to cause a denial of service via crafted PFCP messages.
CVSS Score
7.5
EPSS Score
0.002
Published
2023-11-13
pkg/suci/suci.go in free5GC udm before 1.2.0, when Go before 1.19 is used, allows an Invalid Curve Attack because it may compute a shared secret via an uncompressed public key that has not been validated. An attacker can send arbitrary SUCIs to the UDM, which tries to decrypt them via both its private key and the attacker's public key.
CVSS Score
7.5
EPSS Score
0.001
Published
2023-10-23
Cross-Site Request Forgery vulnerability, whose exploitation could allow an attacker to perform different actions on the platform as an administrator, simply by changing the token value to "admin". It is also possible to perform POST, GET and DELETE requests without any token value. Therefore, an unprivileged remote user is able to create, delete and modify users within theapplication.
CVSS Score
9.8
EPSS Score
0.002
Published
2023-10-02
In Free5gc v3.0.5, the AMF breaks due to malformed NAS messages.
CVSS Score
7.5
EPSS Score
0.003
Published
2022-11-18
Free5gc v3.2.1 is vulnerable to Information disclosure.
CVSS Score
7.5
EPSS Score
0.862
Published
2022-10-25
In free5GC 3.2.1, a malformed NGAP message can crash the AMF and NGAP decoders via an index-out-of-range panic in aper.GetBitString.
CVSS Score
5.5
EPSS Score
0.001
Published
2022-10-24
Page 2