CVE-2026-33281

Medium CVSS: 6.5

Ella Core is a 5G core designed for private networks. Versions prior to 1.6.0 panic when processing NGAP messages with invalid PDU Session IDs outside of 1-15. An attacker able to send crafted NGAP messages to Ella Core can crash the process, causing service disruption for all connected subscribers. No authentication is required. Version 1.6.0 added PDU Session ID validations during NGAP message handling.

Vendor

Ellanetworks

Product

Ella Core

CWE

CWE-129

Yayın Tarihi

2026-03-24 00:16:30

Güncelleme

2026-03-24 19:36:10

Source Identifier

security-advisories@github.com

KEV Date Added

Kategoriler

CWE-129 Ella Core MEDIUM Ellanetworks 2026

Referanslar

https://github.com/ellanetworks/core/security/advisories/GHSA-q669-4gmv-g8mf

Benzer Kayıtlar

High

CVE-2026-33282

Ella Core is a 5G core designed for private networks. Versions prior to 1.6.0 panic when processing a malformed NGAP Loc…

Medium

CVE-2026-33283

Ella Core is a 5G core designed for private networks. Versions prior to 1.6.0 panic when processing malformed UL NAS Tra…

High

CVE-2026-32319

Ella Core is a 5G core designed for private networks. Prior to 1.5.1, Ella Core panics when processing a malformed integ…

Medium

CVE-2026-32320

Ella Core is a 5G core designed for private networks. Prior to 1.5.1, Ella Core panics when processing a PathSwitchReque…