CVE-2025-41067 is a reachable assertion vulnerability classified under CWE-617 found in NewPlane's Open5GS product, specifically affecting versions up to 2.7.5. Open5GS is an open-source 5G core network implementation widely used for 5G network functions, including the Network Repository Function (NRF), which is critical for service discovery within the 5G core architecture. The vulnerability arises when an attacker sends a specially crafted SBI (Service-Based Interface) request that instructs the NRF to delete its own registry. This action triggers an assertion check within the NRF code that is reachable and fails, causing the NRF process to crash. The crash results in a denial of service (DoS) condition by rendering the NRF discovery service unavailable, which can disrupt 5G core network operations dependent on NRF for service discovery and registration. The CVSS 4.0 base score is 8.7 (high severity), reflecting the vulnerability's network attack vector (AV:N), low attack complexity (AC:L), no privileges required (PR:N), no user interaction (UI:N), and high impact on availability (VA:H). There is no impact on confidentiality or integrity. The vulnerability does not require authentication or user interaction, making it easier to exploit remotely. No known exploits have been reported in the wild yet, but the potential for disruption in 5G networks is significant given the NRF's central role. No patches were linked at the time of publication, so mitigation relies on vendor updates or network-level protections.

For European organizations, especially telecom operators and service providers deploying Open5GS in their 5G core networks, this vulnerability poses a serious risk of service disruption. The NRF is a pivotal component in 5G network function discovery and registration; its unavailability can lead to cascading failures or degraded network performance, impacting end-user connectivity and services. This could affect mobile broadband, IoT services, and critical communications relying on 5G infrastructure. The denial of service could also be leveraged as part of larger coordinated attacks targeting telecom infrastructure, potentially affecting national communications resilience. Given the increasing reliance on 5G networks for economic and public safety applications across Europe, the impact extends beyond telecom providers to industries and government services dependent on stable 5G connectivity.

1. Apply vendor patches or updates as soon as they become available to fix the assertion vulnerability in Open5GS. 2. Until patches are released, implement strict network segmentation and firewall rules to restrict access to the NRF SBI interface, allowing only trusted management and network entities. 3. Monitor NRF logs and network traffic for unusual SBI requests, particularly those attempting to delete or modify the NRF registry. 4. Employ anomaly detection systems to identify potential exploitation attempts targeting the NRF. 5. Consider deploying redundancy and failover mechanisms for the NRF to minimize service disruption in case of crashes. 6. Engage with the Open5GS community and vendors for timely security advisories and recommended configurations. 7. Conduct regular security assessments and penetration testing focused on 5G core components to identify and remediate similar vulnerabilities proactively.