CVE-2024-34235 | Teknoloji dünyasından en güncel haberleri ve güvenlikle ilgili gelişmeleri takip edin.

Open5GS MME versions
High CVSS: 8.6

CVE-2024-34235

Open5GS MME versions <= 2.6.4 contains an assertion that can be remotely triggered via a malformed ASN.1 packet over the S1AP interface. An attacker may send an `Initial UE Message` missing a required `NAS_PDU` field to repeatedly crash the MME, resulting in denial of service.
Vendor
Open5gs
Product
Open5gs
CWE
CWE-617
Yayın Tarihi
2025-01-22 15:15:12
Güncelleme
2025-04-22 17:22:57
Source Identifier
cve@mitre.org
KEV Date Added
-

Kategoriler

CWE-617 Open5gs HIGH Open5gs 2025

Referanslar

https://cellularsecurity.org/ransacked