CVE-2024-34475: n/a
Open5GS before 2.7.1 is vulnerable to a reachable assertion that can cause an AMF crash via NAS messages from a UE: gmm_state_authentication in amf/gmm-sm.c for != OGS_ERROR.
AI Analysis
Technical Summary
CVE-2024-34475 identifies a vulnerability in Open5GS, an open-source 5G core network implementation, specifically affecting versions before 2.7.1. The flaw exists in the Access and Mobility Management Function (AMF) component, within the gmm_state_authentication state machine logic in the amf/gmm-sm.c source file. When the AMF processes Non-Access Stratum (NAS) messages from a User Equipment (UE), an assertion intended to validate error states (specifically checking for != OGS_ERROR) can be triggered incorrectly. This reachable assertion failure causes the AMF process to crash, resulting in a denial of service. The vulnerability does not affect confidentiality or integrity but impacts availability severely. It can be exploited remotely without requiring authentication or user interaction, making it accessible to any attacker capable of sending crafted NAS messages to the vulnerable AMF. The vulnerability is classified under CWE-617 (Reachable Assertion), indicating that the assertion failure is reachable through external input. Although no public exploits have been reported yet, the vulnerability's characteristics suggest it could be weaponized to disrupt 5G core network operations. Open5GS is widely used in research, testing, and some production environments for 5G core network functions, so the exposure depends on deployment scale. The CVSS v3.1 base score of 7.5 reflects a high severity rating due to network attack vector, low complexity, no privileges required, and a significant impact on availability.
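The reachable-assertion pattern (CWE-617) described above, shown next to a hardened form. This is an added illustration, not Open5GS source code: only the name OGS_ERROR comes from the advisory, while the toy message layout, the function names and the constant values are assumptions.

```c
#include <assert.h>
#include <stddef.h>
#include <stdint.h>

/* OGS_ERROR is the name used in the advisory; both values are assumed here. */
#define OGS_OK     0
#define OGS_ERROR  (-1)

enum outcome { ACCEPTED, REJECTED };   /* hypothetical result codes */

/* Constructed samples in a toy layout: type, declared length, payload. */
static const uint8_t SAMPLE_OK[]  = { 0x01, 0x02, 0xAA, 0xBB };
static const uint8_t SAMPLE_BAD[] = { 0x01, 0x09, 0xAA, 0xBB };

static unsigned rejected_count;        /* messages refused by the hardened path */

/* Hypothetical helper: returns OGS_ERROR for input it cannot process. */
static int process_msg(const uint8_t *buf, size_t len)
{
    if (buf == NULL || len < 2) return OGS_ERROR;
    if ((size_t)buf[1] != len - 2) return OGS_ERROR;  /* declared vs. actual length */
    return OGS_OK;
}

/* CWE-617 pattern: the asserted value depends on peer input, so one message
 * that makes process_msg() fail aborts the whole process. */
int handle_with_assert(const uint8_t *buf, size_t len)
{
    int r = process_msg(buf, len);
    assert(r != OGS_ERROR);            /* process-wide abort on failure */
    return ACCEPTED;
}

/* Hardened form: failure on untrusted input is an expected outcome. Refuse
 * this one message, count it for monitoring, and keep serving other peers. */
int handle_with_check(const uint8_t *buf, size_t len)
{
    int r = process_msg(buf, len);
    if (r == OGS_ERROR) {
        rejected_count++;
        return REJECTED;
    }
    return ACCEPTED;
}
```

Assertions remain appropriate for internal invariants that no peer can influence; a return value derived from a received message is not one of them.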
Potential Impact
The primary impact of CVE-2024-34475 is a denial of service condition on the AMF component of the Open5GS 5G core network. The AMF is responsible for critical functions such as mobility management, authentication coordination, and session management signaling. A crash of the AMF disrupts these functions, potentially causing service outages for subscribers connected to the affected network. This can lead to dropped connections, inability to authenticate new devices, and overall degradation of 5G network availability. For operators relying on Open5GS in production or test environments, this vulnerability could be exploited by attackers to cause network instability or outages remotely without needing credentials or user interaction. The impact is limited to availability, with no direct compromise of data confidentiality or integrity reported. However, the disruption of core network functions can have cascading effects on dependent services and user experience. Given the increasing adoption of 5G networks worldwide, any disruption in core network components can have significant operational and reputational consequences for service providers.
Mitigation Recommendations
To mitigate CVE-2024-34475, organizations should immediately upgrade Open5GS to version 2.7.1 or later, where the assertion failure has been addressed. If upgrading is not immediately feasible, network operators should implement strict filtering and validation of NAS messages at the network perimeter to block malformed or suspicious traffic targeting the AMF. Deploying anomaly detection systems that monitor for unusual NAS message patterns can help identify exploitation attempts early. Additionally, isolating the AMF component within a hardened and monitored environment reduces the risk of widespread impact. Operators should also conduct thorough testing of their 5G core implementations to identify any similar assertion or input validation issues. Regularly applying security patches and maintaining an up-to-date inventory of deployed Open5GS versions is critical. Finally, sharing threat intelligence and monitoring vulnerability disclosures related to Open5GS and 5G core components will help maintain proactive defenses.
Affected Countries
United States, Germany, South Korea, Japan, China, India, France, United Kingdom, Canada, Australia
Technical Details
- Data Version: 5.1
- Assigner Short Name: mitre
- Date Reserved: 2024-05-04T00:00:00.000Z
- CVSS Version: 3.1
- State: PUBLISHED
Threat ID: 699f6c51b7ef31ef0b562861
Added to database: 2/25/2026, 9:40:33 PM
Last enriched: 3/4/2026, 11:19:09 PM
Last updated: 4/12/2026, 3:46:02 PM