CVE-2025-14953 is a vulnerability identified in Open5GS, an open-source 5G core network implementation widely used for mobile network infrastructure. The flaw is a NULL pointer dereference occurring in the function ogs_pfcp_handle_create_pdr, located in the FAR-ID Handler component of the PFCP (Packet Forwarding Control Protocol) library. This vulnerability can be triggered remotely by sending crafted PFCP messages that manipulate the creation of Packet Detection Rules (PDRs). When exploited, the NULL pointer dereference causes the affected process to crash, leading to a denial of service (DoS) condition. The attack complexity is high, requiring detailed knowledge of the protocol and network environment, and no user interaction or elevated privileges are necessary. The CVSS 4.0 score is 2.3, reflecting low severity primarily due to limited impact scope and difficult exploitability. The vulnerability affects Open5GS versions 2.7.0 through 2.7.5. A patch identified by commit 93a9fd98a8baa94289be3b982028201de4534e32 has been released to address this issue. While no known exploits are actively used in the wild, the public availability of exploit code increases the risk of future attacks. The vulnerability primarily threatens the availability of 5G core network services relying on Open5GS, potentially disrupting mobile network operations.

For European organizations, particularly telecom operators and infrastructure providers deploying Open5GS in their 5G core networks, this vulnerability poses a risk of service disruption through denial of service attacks. Although the impact on confidentiality and integrity is negligible, availability is affected, which can degrade network reliability and user experience. Disruptions in 5G core components can impact critical services, including emergency communications, IoT applications, and enterprise connectivity. The high complexity of exploitation reduces the likelihood of widespread attacks, but targeted adversaries with sufficient expertise could leverage this flaw to cause outages. Given the increasing reliance on 5G networks across Europe, even localized service interruptions could have significant operational and reputational consequences. Organizations operating in regulated sectors with strict uptime requirements must prioritize remediation to avoid compliance issues and service-level agreement breaches.

European organizations should immediately apply the official patch provided by the Open5GS project (commit 93a9fd98a8baa94289be3b982028201de4534e32) to all affected versions (2.7.0 to 2.7.5). Network operators should implement strict filtering and validation of PFCP messages at network boundaries to reduce exposure to malformed packets. Deploying anomaly detection systems that monitor PFCP traffic for unusual patterns can help identify exploitation attempts early. Segmentation of 5G core network components and limiting administrative access to trusted personnel can further reduce risk. Regularly updating and auditing Open5GS deployments, combined with comprehensive incident response plans tailored to 5G infrastructure, will enhance resilience. Additionally, organizations should engage with vendors and security communities to stay informed about emerging threats and patches related to Open5GS and 5G core vulnerabilities.