CVE-2022-40890 is a high-severity vulnerability identified in Open5GS version 2.4.10 and earlier, specifically within the source file /src/amf/amf-context.c. Open5GS is an open-source implementation of the 5G core network, widely used for research, testing, and in some production environments to provide 5G mobile network core functionalities. The vulnerability relates to the Access and Mobility Management Function (AMF) component, which is critical for managing user equipment registration, connection, and mobility in the 5G network. The flaw leads to a denial of service (DoS) condition, meaning that an attacker can cause the AMF to crash or become unresponsive, disrupting the 5G core network's ability to manage mobile devices. The CVSS 3.1 base score of 7.5 reflects a high severity, with an attack vector of network (AV:N), low attack complexity (AC:L), no privileges required (PR:N), no user interaction needed (UI:N), unchanged scope (S:U), no impact on confidentiality or integrity (C:N/I:N), but a high impact on availability (A:H). The underlying weakness is classified under CWE-404, which involves improper resource shutdown or release, indicating that the vulnerability likely arises from the AMF failing to correctly handle certain inputs or states, leading to resource exhaustion or crash. No known exploits are reported in the wild as of the publication date, and no official patches are linked, suggesting that users should be vigilant and apply updates once available or implement mitigations to reduce exposure. Given the critical role of AMF in 5G core networks, this vulnerability can severely disrupt mobile network services if exploited.

For European organizations, especially telecommunications providers and enterprises relying on private 5G networks, this vulnerability poses a significant risk. Exploitation could lead to denial of service of the AMF component, resulting in loss of connectivity for mobile users, interruption of critical communications, and degradation of network reliability. This can affect not only consumer mobile services but also industrial IoT deployments, emergency services, and other critical infrastructure relying on 5G connectivity. The disruption could cause financial losses, reputational damage, and regulatory scrutiny under frameworks like GDPR if service availability impacts data processing or emergency communications. Additionally, the lack of confidentiality or integrity impact means data interception or manipulation is not directly threatened, but the availability impact alone is critical for network operators. Since Open5GS is used in some research, testing, and niche production environments, organizations using this software without proper patching or mitigation are at risk of service outages. The absence of known exploits reduces immediate threat but does not eliminate risk, especially as threat actors often develop exploits post-disclosure.

Organizations should first identify any deployments of Open5GS, particularly versions 2.4.10 or earlier, within their network infrastructure. Immediate mitigation includes isolating the AMF component from untrusted networks to reduce exposure to remote attacks. Network-level protections such as firewalls and intrusion prevention systems should be configured to restrict access to the AMF interfaces only to trusted management and network entities. Monitoring and alerting for unusual AMF crashes or restarts can help detect exploitation attempts early. Since no official patches are linked, organizations should track Open5GS project updates closely and apply security patches as soon as they are released. In the interim, consider implementing rate limiting or input validation at the network edge to prevent malformed or excessive requests that could trigger the vulnerability. For critical environments, deploying redundant AMF instances and failover mechanisms can minimize service disruption. Finally, engaging with the Open5GS community or vendors for guidance and potential workarounds is advisable.