CVE-2024-24431 identifies a vulnerability in Open5GS version 2.7.0, an open-source 5G core network implementation widely used for mobile network infrastructure. The issue resides in the ogs_nas_emm_decode function, which processes NAS (Non-Access Stratum) messages, specifically the EMM (EPS Mobility Management) messages. The vulnerability is a reachable assertion triggered when the function encounters a NAS packet with a zero-length EMM message length field. This malformed input causes the assertion to fail, leading to a crash of the Open5GS process handling the message, resulting in a Denial of Service (DoS). The vulnerability is remotely exploitable without authentication or user interaction, as it involves sending a crafted NAS packet over the network. The CVSS v3.1 base score is 7.5, reflecting high severity due to the ease of exploitation and the impact on availability. The vulnerability is classified under CWE-78, which generally relates to improper input validation or command injection issues, indicating that the root cause is insufficient validation of input message lengths. No patches or fixes have been linked at the time of publication, and no exploits have been observed in the wild. This vulnerability threatens the stability and availability of 5G core network components relying on Open5GS, potentially disrupting mobile network services.

The primary impact of CVE-2024-24431 is a Denial of Service condition affecting the availability of 5G core network services implemented using Open5GS v2.7.0. This can cause network outages or degraded service quality for mobile subscribers relying on affected infrastructure. Disruptions in 5G core components can affect voice, data, and signaling services, impacting end-user experience and potentially critical communications. Since the vulnerability can be exploited remotely without authentication, attackers can cause service interruptions at scale. This may lead to operational challenges for mobile network operators and service providers, including loss of revenue, customer dissatisfaction, and reputational damage. The vulnerability does not compromise confidentiality or integrity, but the availability impact alone is significant for telecommunications infrastructure. Organizations deploying Open5GS in production environments are at risk, especially those in regions with large-scale 5G rollouts or critical infrastructure dependencies on mobile networks.

To mitigate CVE-2024-24431, organizations should immediately review their Open5GS deployments and monitor for anomalous NAS traffic that may indicate exploitation attempts. Network-level filtering can be implemented to detect and block malformed NAS packets with zero-length EMM message fields. Operators should apply any vendor or community patches addressing this vulnerability as soon as they become available. In the absence of patches, consider deploying Open5GS instances behind robust intrusion detection and prevention systems (IDPS) capable of identifying and dropping malformed NAS messages. Additionally, implementing rate limiting on NAS message processing can reduce the risk of DoS from crafted packets. Network segmentation and strict access controls on 5G core network components can limit exposure. Regularly updating Open5GS and related software to the latest stable versions is critical. Finally, engaging with the Open5GS community for updates and best practices will help maintain security posture.