CVE-2023-37023
Open5GS MME versions <= 2.6.4 contain a reachable assertion in the `Uplink NAS Transport` packet handler. A packet missi
Open5GS MME versions <= 2.6.4 contain a reachable assertion in the Uplink NAS Transport packet handler. A packet missing its MME_UE_S1AP_ID field causes Open5gs to crash.
an attacker may repeatedly send such packets to cause denial of service.
HIGH · CVSS 8.6
EPSS 0.00305
Act now
- Public exploit or PoC is available
- SSVC automatable: yes - attacks can be scripted at scale
- CVSS base score ≥ 7.0
Sigma rules0
YARA rules0