CVE-2025-5520: Reachable Assertion in Open5GS

Severity: Medium
Tags: Vulnerability, CVE-2025-5520
Published: Tue Jun 03 2025 (06/03/2025, 18:00:22 UTC)
Source: CVE Database V5
Vendor/Project: n/a
Product: Open5GS

Description

A vulnerability was found in Open5GS up to 2.7.3. It has been classified as problematic. Affected is the function gmm_state_authentication/emm_state_authentication of the component AMF/MME. The manipulation leads to reachable assertion. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The name of the patch is 9f5d133657850e6167231527514ee1364d37a884. It is recommended to apply a patch to fix this issue. This is a different issue than CVE-2025-1893.

AI-Powered Analysis

Last updated: 07/11/2025, 06:16:58 UTC

Technical Analysis

CVE-2025-5520 is a medium-severity vulnerability affecting Open5GS versions 2.7.0 through 2.7.3. Open5GS is an open-source implementation of the 5G core network, widely used for mobile network infrastructure. The vulnerability resides in the functions gmm_state_authentication and emm_state_authentication within the Access and Mobility Management Function (AMF) and Mobility Management Entity (MME) components. These components handle authentication and mobility management in 5G and LTE networks.

The flaw is a reachable assertion: under certain manipulated inputs, the software triggers an assertion failure during authentication state processing. This can cause the affected component to crash or behave unexpectedly, potentially leading to denial of service (DoS). The vulnerability is remotely exploitable without authentication or user interaction, which increases its risk profile. Although the CVSS 4.0 score is 6.9 (medium severity), the impact on network availability and service continuity can be significant given the role of the AMF/MME in mobile networks.

The vulnerability has been publicly disclosed, and a patch identified by commit 9f5d133657850e6167231527514ee1364d37a884 is available to remediate the issue. No known exploits in the wild have been reported yet, but the public disclosure means attackers could develop exploits. This vulnerability is distinct from CVE-2025-1893, indicating multiple security concerns in Open5GS around this timeframe. Overall, it poses a risk to the stability and reliability of 5G core network deployments running vulnerable Open5GS versions, because targeted remote attacks on authentication state handling could disrupt mobile network services.

Potential Impact

For European organizations, especially mobile network operators and infrastructure providers deploying Open5GS as part of their 5G core network, this vulnerability could lead to service disruptions. The AMF/MME components are central to user authentication and mobility management; a crash or denial of service here can interrupt subscriber connectivity, degrade network performance, and impact critical communications services. This could affect enterprises relying on private 5G networks, public mobile operators, and IoT service providers. Disruptions in mobile network availability can have cascading effects on emergency services, financial transactions, and industrial operations that depend on continuous connectivity. Given the remote exploitability without authentication, attackers could target vulnerable networks from outside, increasing the threat surface. While no active exploitation is reported, the public disclosure raises the risk of future attacks. European telecom operators must consider the potential for service outages and reputational damage, as well as regulatory scrutiny under frameworks like the NIS Directive and GDPR if service disruptions impact data availability or privacy.

Mitigation Recommendations

1. Immediately apply the official patch identified by commit 9f5d133657850e6167231527514ee1364d37a884 to all Open5GS deployments running affected versions (2.7.0 to 2.7.3).
2. Conduct thorough testing in staging environments before production deployment to ensure stability post-patch.
3. Implement network-level protections such as rate limiting and anomaly detection on interfaces exposing AMF/MME services to detect and block abnormal authentication traffic patterns that could trigger the assertion.
4. Employ strict access controls and network segmentation to limit exposure of the 5G core network components to untrusted networks.
5. Monitor system logs and alerts for signs of assertion failures or crashes related to authentication state processing.
6. Maintain an up-to-date inventory of Open5GS versions in use and establish a patch management process for timely updates.
7. Engage with the Open5GS community and security advisories to track any emerging exploits or related vulnerabilities.
8. Consider deploying redundancy and failover mechanisms for AMF/MME components to minimize service impact in case of crashes.
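
The log monitoring in recommendation 5 can be automated. The Python below is an added example, not part of the original advisory or of Open5GS: it scans log lines for assertion failures and flags those naming the two functions in this CVE. The log line shape, the constructed sample lines, and the names `WATCHED`, `find_assertions` and `summarize` are assumptions.

```python
import re
from collections import Counter

# Functions named in the CVE-2025-5520 description, mapped to their component.
WATCHED = {"gmm_state_authentication": "AMF", "emm_state_authentication": "MME"}

# ASSUMED line shape (not taken from the page):
#   <timestamp>: [<domain>] FATAL: <func>: Assertion `<expr>' failed. (<file>:<line>)
ASSERT_RE = re.compile(
    r"FATAL: (?P<func>\w+): Assertion [`'](?P<expr>.+?)' failed\."
    r"(?: \((?P<loc>[^()]*)\))?"
)

# Constructed sample input; expressions and file locations are placeholders.
SAMPLE_LOG = """\
06/03 18:00:21.101: [amf] INFO: constructed informational line
06/03 18:00:22.310: [gmm] FATAL: gmm_state_authentication: Assertion `EXPR_PLACEHOLDER' failed. (placeholder.c:0)
06/03 18:00:22.311: [core] FATAL: constructed follow-up line without an assertion
06/03 18:05:40.002: [emm] FATAL: emm_state_authentication: Assertion `EXPR_PLACEHOLDER' failed. (placeholder.c:0)
06/03 18:07:12.450: [app] FATAL: some_other_function: Assertion `EXPR_PLACEHOLDER' failed.
"""


def find_assertions(lines):
    """Return one record per assertion-failure line, flagging the advisory's functions."""
    hits = []
    for lineno, line in enumerate(lines, start=1):
        m = ASSERT_RE.search(line)
        if m is None:
            continue
        func = m.group("func")
        hits.append({
            "line": lineno,
            "func": func,
            "expr": m.group("expr"),
            "location": m.group("loc"),      # None when the line carries no location
            "component": WATCHED.get(func),  # None for assertions outside this CVE
        })
    return hits


def summarize(hits):
    """Count hits per affected component; unrelated assertions go under 'other'."""
    return dict(Counter(h["component"] or "other" for h in hits))


if __name__ == "__main__":
    for hit in find_assertions(SAMPLE_LOG.splitlines()):
        tag = f"CVE-2025-5520 candidate ({hit['component']})" if hit["component"] else "other assertion"
        print(f"line {hit['line']}: {hit['func']}: {tag}")
```

Adjust `ASSERT_RE` to the log format your deployment actually emits before wiring the result into alerting.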

Technical Details

Data Version: 5.1
Assigner Short Name: VulDB
Date Reserved: 2025-06-03T09:20:37.588Z
CVSS Version: 4.0
State: PUBLISHED

Threat ID: 683f3b5c182aa0cae287156a

Added to database: 6/3/2025, 6:13:48 PM

Last enriched: 7/11/2025, 6:16:58 AM

Last updated: 8/11/2025, 8:50:20 AM
