
CVE-2025-60633: n/a

Severity: Medium
Published: Mon Nov 24 2025 (11/24/2025, 00:00:00 UTC)
Source: CVE Database V5

Description

An issue was discovered in Free5GC v4.0.0 and v4.0.1 allowing an attacker to cause a denial of service via the Nudm_SubscriberDataManagement API.

AI-Powered Analysis

Last updated: 12/01/2025, 16:45:43 UTC

Technical Analysis

CVE-2025-60633 is a denial of service vulnerability in Free5GC versions 4.0.0 and 4.0.1 affecting the Nudm_SubscriberDataManagement (Nudm_SDM) service, which the UDM network function exposes to other core network functions over the service-based interface (SBI). Free5GC is an open-source 5G core implementation used for research and testing and, to a lesser extent, in production deployments. The vulnerability arises from improper handling of certain requests to this API, allowing an attacker who can reach the SBI and holds the privileges of a service consumer (PR:L) to crash the subscriber data management service or otherwise render it unavailable.

The CVE record itself carries no CVSS score (see Technical Details below); the CVSS 3.x vector used in this analysis, AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H (base score 6.5, Medium), indicates that the attack is performed remotely over the network with low complexity, requires some privileges but no user interaction, and affects availability only, with no confidentiality or integrity impact. The assigned weakness is CWE-1287 (Improper Validation of Specified Type of Input): the service accepts input without verifying that it is of the expected type, so a request carrying an unexpected type drives the process into a failure state instead of being rejected.

No exploits have been reported in the wild and no patch was available at the time of analysis, but the vulnerability threatens the stability of 5G cores built on Free5GC. The UDM's subscriber data is consumed by the AMF and SMF during registration and PDU session establishment, so an attacker who takes the Nudm_SDM service down can disrupt subscriber authentication, session management and overall network reliability, a particular concern for operators and service providers running Free5GC in their 5G infrastructure.

Potential Impact

For European organizations, especially telecom operators and 5G service providers using Free5GC, this vulnerability could lead to denial of service conditions in subscriber data management. Because the AMF and SMF depend on the UDM's subscriber data to complete registration and session establishment, an outage of the Nudm_SDM service is not confined to the UDM: new registrations and PDU sessions fail, degrading end-user connectivity and service quality and potentially causing broader network instability. In critical infrastructure contexts, such as emergency services or industrial IoT relying on 5G, such disruptions could have significant operational consequences. The medium severity rating reflects that confidentiality and integrity remain intact, while the availability impact still affects business continuity and customer trust. The absence of known exploits provides a window for proactive mitigation, but the low attack complexity and network reachability mean that exploits could appear quickly once details become widely known.

Mitigation Recommendations

1. Restrict network access to the UDM's SBI endpoint, and therefore to the Nudm_SDM API, to the network functions that legitimately consume it (in a Free5GC core, primarily the AMF and SMF), using network segmentation and firewall rules. The PR:L rating means an attacker must already be positioned as an SBI consumer, so keeping untrusted hosts off the SBI removes most of the attack surface.
2. Enforce authentication and authorization on the SBI, for example OAuth2 access tokens issued by the NRF where the deployment supports them, together with TLS between network functions, so that only authorized consumers can reach the vulnerable API.
3. Monitor UDM access logs for abnormal requests to /nudm-sdm/ paths: requests from unexpected source addresses, excessive request rates from a single consumer, and bursts of 5xx responses or process restarts, which are the likely trace of a crash-inducing request.
4. Deploy intrusion detection and prevention systems (IDS/IPS) tuned to flag anomalous SBI traffic targeting the Nudm_SDM API.
5. Track the Free5GC project for a fix addressing this vulnerability and apply it promptly; no patch was available at the time of analysis.
6. Include 5G core components in regular security assessments and penetration tests to identify and remediate similar issues.
7. Prepare incident response plans specifically for 5G core network disruptions to minimise downtime if the flaw is exploited.
8. Deploy redundancy and failover for critical core functions, including the UDM, and ensure the UDM process is supervised so that it restarts after a crash, to maintain availability during attacks or failures.
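A minimal implementation of items 1 and 3 above, added here as an example and not part of Free5GC or of this advisory: it parses constructed UDM access-log lines (the line format, the consumer addresses and the thresholds are assumptions, not Free5GC's actual logger output) and flags Nudm_SDM requests from peers outside the expected consumer allowlist, a single peer exceeding a request-rate threshold, and a burst of 5xx responses, the trace a crash-inducing request would leave.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timezone

# Assumed access-log line format: timestamp, level, status, peer address, method, path.
LOG_RE = re.compile(
    r"^(?P<ts>\S+) \[(?P<level>[A-Z]+)\]\[UDM\]\[GIN\] \| (?P<status>\d{3}) \| "
    r"(?P<peer>[0-9.]+) \| (?P<method>[A-Z]+) (?P<path>/nudm-sdm/\S+)$"
)

# Assumed SBI addresses of the legitimate Nudm_SDM consumers in this core.
ALLOWED_CONSUMERS = {"10.100.200.2": "AMF", "10.100.200.3": "SMF"}

# Constructed sample log: normal AMF/SMF traffic, then a rogue peer hammering the
# UDM and finally triggering 500s, then an unrelated line the parser must skip.
SAMPLE_LOG = """\
2025-11-24T10:00:00Z [INFO][UDM][GIN] | 200 | 10.100.200.2 | GET /nudm-sdm/v2/imsi-208930000000001/am-data
2025-11-24T10:00:01Z [INFO][UDM][GIN] | 200 | 10.100.200.3 | GET /nudm-sdm/v2/imsi-208930000000001/sm-data
2025-11-24T10:00:02Z [INFO][UDM][GIN] | 200 | 10.100.200.2 | GET /nudm-sdm/v2/imsi-208930000000002/am-data
2025-11-24T10:00:05Z [INFO][UDM][GIN] | 200 | 10.100.200.77 | GET /nudm-sdm/v2/imsi-208930000000001/am-data
2025-11-24T10:00:05Z [INFO][UDM][GIN] | 200 | 10.100.200.77 | GET /nudm-sdm/v2/imsi-208930000000001/am-data
2025-11-24T10:00:05Z [INFO][UDM][GIN] | 200 | 10.100.200.77 | GET /nudm-sdm/v2/imsi-208930000000001/am-data
2025-11-24T10:00:06Z [INFO][UDM][GIN] | 200 | 10.100.200.77 | GET /nudm-sdm/v2/imsi-208930000000001/am-data
2025-11-24T10:00:06Z [INFO][UDM][GIN] | 200 | 10.100.200.77 | GET /nudm-sdm/v2/imsi-208930000000001/am-data
2025-11-24T10:00:06Z [INFO][UDM][GIN] | 200 | 10.100.200.77 | GET /nudm-sdm/v2/imsi-208930000000001/am-data
2025-11-24T10:00:07Z [ERROR][UDM][GIN] | 500 | 10.100.200.77 | POST /nudm-sdm/v2/imsi-208930000000001/sdm-subscriptions
2025-11-24T10:00:07Z [ERROR][UDM][GIN] | 500 | 10.100.200.77 | POST /nudm-sdm/v2/imsi-208930000000001/sdm-subscriptions
2025-11-24T10:00:08Z [ERROR][UDM][GIN] | 500 | 10.100.200.77 | POST /nudm-sdm/v2/imsi-208930000000001/sdm-subscriptions
2025-11-24T10:00:09Z [INFO][UDM][APP] UDM service started
"""


def parse_line(line):
    """Return a dict for a Nudm_SDM access-log line, or None for anything else."""
    m = LOG_RE.match(line.strip())
    if not m:
        return None
    rec = m.groupdict()
    rec["ts"] = datetime.strptime(rec["ts"], "%Y-%m-%dT%H:%M:%SZ").replace(tzinfo=timezone.utc)
    rec["status"] = int(rec["status"])
    return rec


def analyze(lines, allowed=ALLOWED_CONSUMERS, max_per_window=5, window_s=10, error_burst=3):
    """Scan log lines in order and return one alert per (kind, peer) pair."""
    alerts, seen = [], set()
    req_times = defaultdict(deque)  # per-peer timestamps inside the sliding window
    err_times = defaultdict(deque)  # per-peer timestamps of 5xx responses

    def alert(kind, peer, detail):
        if (kind, peer) not in seen:  # report each condition once per peer
            seen.add((kind, peer))
            alerts.append({"kind": kind, "peer": peer, "detail": detail})

    for line in lines:
        rec = parse_line(line)
        if rec is None:
            continue
        peer, ts = rec["peer"], rec["ts"]

        # Item 1: only the known SBI consumers should ever talk to Nudm_SDM.
        if peer not in allowed:
            alert("unexpected_consumer", peer, f"{rec['method']} {rec['path']}")

        # Item 3a: request-rate check over a sliding window per peer.
        q = req_times[peer]
        q.append(ts)
        while q and (ts - q[0]).total_seconds() > window_s:
            q.popleft()
        if len(q) > max_per_window:
            alert("rate_exceeded", peer, f"{len(q)} requests in {window_s}s")

        # Item 3b: a burst of 5xx responses is what a crash-inducing request leaves behind.
        if rec["status"] >= 500:
            e = err_times[peer]
            e.append(ts)
            while e and (ts - e[0]).total_seconds() > window_s:
                e.popleft()
            if len(e) >= error_burst:
                alert("error_burst", peer, f"{len(e)} 5xx responses in {window_s}s")
    return alerts


if __name__ == "__main__":
    for a in analyze(SAMPLE_LOG.splitlines()):
        print(f"{a['kind']:20} peer={a['peer']:15} {a['detail']}")
```

The thresholds are deliberately low so the constructed sample trips them; in a real core they should be tuned to the registration rate the AMF and SMF actually generate, and the peer allowlist should be derived from the NF profiles registered at the NRF rather than hard-coded.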


Technical Details

Data Version: 5.2
Assigner Short Name: mitre
Date Reserved: 2025-09-26T00:00:00.000Z
CVSS Version: null (the CVE record carries no CVSS score)
State: PUBLISHED

Threat ID: 69248078d5a1e53350b0779c

Added to database: 11/24/2025, 3:57:44 PM

Last enriched: 12/1/2025, 4:45:43 PM

Last updated: 1/8/2026, 8:15:07 PM


