CVE-2025-15418: Denial of Service in Open5GS
A security flaw has been discovered in Open5GS up to 2.7.6. It affects the function ogs_gtp2_parse_bearer_qos in lib/gtp/v2/types.c, part of the Bearer QoS IE Length Handler component. Manipulated input results in denial of service. The attack must be initiated from a local position. The exploit has been released to the public and may be used for attacks. The patch is commit 4e913d21f2c032b187815f063dbab5ebe65fe83a; deploying it is the recommended fix.
AI Analysis
Technical Summary
CVE-2025-15418 is a vulnerability identified in Open5GS, an open-source 5G core network software, affecting versions 2.7.0 through 2.7.6. The flaw resides in the function ogs_gtp2_parse_bearer_qos within the lib/gtp/v2/types.c source file, specifically in the Bearer QoS Information Element (IE) length handler. This function improperly processes manipulated Bearer QoS IE length values, which can be exploited to trigger a denial of service (DoS) condition. The attack requires local access to the system running Open5GS, meaning an attacker must have some level of local privileges or network position that allows interaction with the vulnerable function. No user interaction or elevated authentication is necessary beyond local privileges. The vulnerability can cause the Open5GS service to crash or become unresponsive, disrupting 5G core network operations such as session management and bearer establishment. The exploit code has been publicly released, increasing the risk of exploitation, although no widespread attacks have been reported yet. A patch identified by commit 4e913d21f2c032b187815f063dbab5ebe65fe83a has been made available to address this issue. The CVSS v4.0 base score is 4.8, reflecting a medium severity rating due to the local attack vector and the limited scope of impact. This vulnerability primarily threatens the availability of Open5GS-based 5G core networks, which are critical infrastructure components for mobile network operators and service providers.
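The kind of length validation this IE calls for, as an added example (not Open5GS code and not the upstream patch): a parser for the Bearer QoS IE value, whose defined part is 22 octets in 3GPP TS 29.274, that checks the received length before reading any field and returns an error to the caller. The names `bearer_qos_t`, `parse_bearer_qos` and `be40`, the sample bytes, and the choice to ignore trailing octets are assumptions of this example.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define BEARER_QOS_LEN 22 /* flags(1) + QCI(1) + four 5-octet bit rates */
typedef struct { /* hypothetical struct, not the Open5GS type */
    uint8_t pci, pl, pvi, qci;
    uint64_t mbr_ul_kbps, mbr_dl_kbps, gbr_ul_kbps, gbr_dl_kbps;
} bearer_qos_t;

/* Read a 40-bit big-endian integer; caller guarantees 5 readable octets. */
static uint64_t be40(const uint8_t *p)
{
    uint64_t v = 0;
    for (int i = 0; i < 5; i++)
        v = (v << 8) | p[i];
    return v;
}

/* Returns 0 on success, -1 on malformed input. The length is peer-controlled,
 * so a bad value is reported to the caller, which drops the message. */
int parse_bearer_qos(bearer_qos_t *out, const uint8_t *data, size_t len)
{
    /* Reject NULL arguments and truncated IEs before any field is read. */
    if (out == NULL || data == NULL || len < BEARER_QOS_LEN)
        return -1;
    /* Octets past the 22 defined ones are ignored (policy assumed here). */
    out->pci = (data[0] >> 6) & 0x1; /* IE octet 5, bit 7 */
    out->pl  = (data[0] >> 2) & 0xF; /* IE octet 5, bits 6-3 */
    out->pvi = data[0] & 0x1;        /* IE octet 5, bit 1 */
    out->qci = data[1];
    out->mbr_ul_kbps = be40(data + 2);
    out->mbr_dl_kbps = be40(data + 7);
    out->gbr_ul_kbps = be40(data + 12);
    out->gbr_dl_kbps = be40(data + 17);
    return 0;
}

/* Constructed sample: PCI=1, PL=2, PVI=1, QCI=9, MBR 1000/10000 kbps. */
static const uint8_t sample_qos[BEARER_QOS_LEN] = {
    0x49, 0x09, 0, 0, 0, 0x03, 0xE8, 0, 0, 0, 0x27, 0x10 };

int main(void)
{
    bearer_qos_t q;
    printf("full IE: %d\n", parse_bearer_qos(&q, sample_qos, sizeof sample_qos));
    printf("truncated IE: %d\n", parse_bearer_qos(&q, sample_qos, 21));
    return 0;
}
```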
Potential Impact
For European organizations, particularly telecom operators and service providers deploying Open5GS as part of their 5G core network infrastructure, this vulnerability poses a risk of localized denial of service attacks. Such disruptions can lead to temporary loss of connectivity for end-users, degraded network performance, and potential cascading effects on dependent services such as IoT, emergency communications, and enterprise mobile connectivity. Although the attack requires local access, insider threats or compromised internal systems could exploit this flaw to disrupt network operations. The impact on confidentiality and integrity is minimal, but availability is directly affected. Given the critical role of 5G networks in Europe’s digital economy and public safety, even localized outages can have significant operational and reputational consequences. Additionally, regulatory compliance requirements under frameworks like the NIS Directive may mandate timely remediation and incident reporting. The public availability of exploit code increases the urgency for European organizations to address this vulnerability proactively.
Mitigation Recommendations
To mitigate CVE-2025-15418, European organizations should immediately apply the official patch identified by commit 4e913d21f2c032b187815f063dbab5ebe65fe83a to all affected Open5GS instances. Beyond patching, organizations should enforce strict access controls to limit local access to Open5GS systems, including network segmentation, hardened host configurations, and use of multi-factor authentication for administrative access. Monitoring and logging of local interactions with Open5GS components should be enhanced to detect anomalous activities indicative of exploitation attempts. Implementing host-based intrusion detection systems (HIDS) can provide additional visibility. Regular vulnerability scanning and penetration testing focused on 5G core components will help identify residual risks. Organizations should also establish incident response plans tailored to 5G network disruptions. Coordination with upstream vendors and participation in information sharing groups can facilitate timely threat intelligence updates. Finally, consider deploying redundant or failover 5G core components to minimize service impact during potential attacks.
Affected Countries
Germany, France, United Kingdom, Italy, Spain, Netherlands, Sweden, Finland
Technical Details
- Data Version: 5.2
- Assigner Short Name: VulDB
- Date Reserved: 2026-01-01T10:57:04.431Z
- CVSS Version: 4.0
- State: PUBLISHED
Threat ID: 695706b3db813ff03e8adb84
Added to database: 1/1/2026, 11:43:47 PM
Last enriched: 1/1/2026, 11:58:48 PM
Last updated: 1/8/2026, 5:05:20 AM