CVE-2024-24428

HighPublic PoC

Published: 21 January 2025

Published

21 January 2025

Modified

24 January 2025

KEV Added

—

Patch

—

CVSS Score 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

EPSS Score 0.0019 41.2th percentile

Risk Priority 15 60% EPSS · 20% KEV · 20% CVSS

Description

A reachable assertion in the oai_nas_5gmm_decode function of Open5GS <= 2.6.4 allows attackers to cause a Denial of Service (DoS) via a crafted NGAP packet.

Security Summary

CVE-2024-24428 is a reachable assertion vulnerability in the oai_nas_5gmm_decode function of Open5GS versions up to and including 2.6.4. This flaw enables attackers to trigger a Denial of Service (DoS) condition through a crafted NGAP packet. The vulnerability carries a CVSS v3.1 base score of 7.5 (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) and is associated with CWE-617.

An unauthenticated attacker with network access can exploit this vulnerability due to its low attack complexity and lack of required privileges or user interaction. By sending a specially crafted NGAP packet to an affected Open5GS deployment, the attacker triggers the assertion in the NAS 5GMM decoding process, resulting in a crash or service disruption that impacts availability without affecting confidentiality or integrity.

Mitigation details are available in the advisory published at https://cellularsecurity.org/ransacked, which was referenced alongside the CVE publication on 2025-01-21.

Details

CWE(s): CWE-617

Affected Products

open5gs

≤ 2.6.4

References

https://cellularsecurity.org/ransacked
Exploit, Third Party Advisory · cve@mitre.org