CVE-2025-15531 is a vulnerability identified in Open5GS, an open-source 5G core network implementation widely used by telecom operators and network infrastructure providers. The flaw exists in the sgwc_bearer_add function within the src/sgwc/context.c source file. Specifically, the vulnerability manifests as a reachable assertion triggered by crafted input that manipulates bearer context addition logic. When exploited, this assertion failure can cause the affected process to terminate unexpectedly, resulting in a denial of service (DoS) condition. The vulnerability is remotely exploitable without requiring any authentication or user interaction, making it accessible to unauthenticated attackers over the network. The vulnerability affects Open5GS versions 2.7.0 through 2.7.5 inclusively. Although an exploit is publicly available, there have been no confirmed reports of exploitation in the wild. The issue has been addressed and fixed in subsequent releases beyond version 2.7.5. The CVSS 4.0 base score of 6.9 reflects the medium severity, primarily due to the impact on availability and the ease of remote exploitation. The vulnerability does not affect confidentiality or integrity, nor does it require privileges or user interaction. This vulnerability highlights the importance of securing 5G core network components, which are critical for modern telecommunications infrastructure.

The primary impact of CVE-2025-15531 is a denial of service against Open5GS deployments, which can disrupt 5G core network operations. A successful exploit causes the sgwc process to crash due to assertion failure, potentially leading to service outages or degraded network performance. This can affect mobile network operators relying on Open5GS for session management and bearer control, impacting end-user connectivity and service availability. In large-scale deployments, repeated exploitation could cause significant network instability and operational challenges. While the vulnerability does not compromise data confidentiality or integrity, the availability impact on critical telecom infrastructure can have cascading effects on emergency services, enterprise communications, and consumer mobile services. The ease of remote exploitation without authentication increases the risk profile, especially in environments where Open5GS is exposed to untrusted networks. Organizations that do not promptly patch may face increased risk of service disruption and potential reputational damage.

To mitigate CVE-2025-15531, organizations should immediately upgrade Open5GS to the latest version beyond 2.7.5 where the vulnerability is fixed. If immediate upgrade is not feasible, network administrators should restrict access to the affected sgwc service using network segmentation and firewall rules to limit exposure to trusted management networks only. Implementing strict ingress filtering and monitoring for anomalous bearer addition requests can help detect exploitation attempts. Additionally, deploying runtime monitoring and automated process recovery can reduce downtime caused by crashes. Regularly auditing Open5GS configurations and applying security patches promptly is critical. Telecom operators should also consider deploying redundancy and failover mechanisms in their 5G core infrastructure to minimize service impact from potential DoS events. Finally, maintaining awareness of public exploit releases and threat intelligence feeds will help in proactive defense.