CVE-2025-1925
Published: 04 March 2025
Description
Adversaries may exploit software vulnerabilities that can cause an application or system to crash and deny availability to users.
Security Summary
CVE-2025-1925 is a denial-of-service vulnerability classified as problematic in Open5GS versions up to 2.7.2. It affects the AMF component, specifically the function amf_nsmf_pdusession_handle_update_sm_context in the file src/amf/nsmf-handler.c. The issue falls under CWE-404 and carries a CVSS v3.1 base score of 5.3 (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L), indicating network-accessible exploitation with low complexity and no privileges required, resulting in limited availability impact.
A single User Equipment (UE) can remotely exploit this vulnerability to crash the AMF, leading to a complete loss of mobility and session management services and causing a network-wide outage. All registered UEs lose connectivity, and new registrations are blocked until the AMF is restarted, resulting in a high availability impact.
Advisories recommend applying the patch; a fix is available in Open5GS pull request #3711 on GitHub. The exploit has been publicly disclosed, with details in a bug report at https://github.com/guoweifk/BugReport/blob/main/Open5GS%20AMF%20Denial%20of%20Service%20via%20PDU%20Session%20ID%20Conflict, and may be used by attackers. Further information is available in the VulDB entries at https://vuldb.com/?ctiid.298513, https://vuldb.com/?id.298513, and https://vuldb.com/?submit.506038.
MITRE ATT&CK Enterprise Techniques
Why these techniques?
CVE-2025-1925 enables remote unauthenticated denial of service by crashing the Open5GS AMF via PDU Session ID conflict in amf_nsmf_pdusession_handle_update_sm_context, directly facilitating T1499.004 (Endpoint Denial of Service: Application or System Exploitation).