The vulnerability identified as CVE-2025-69252 affects the Unified Data Management (UDM) component of free5GC, an open-source implementation of the 5G core network. Specifically, versions up to and including 1.4.1 contain a NULL Pointer Dereference flaw (CWE-476). This occurs when the UDM service processes a crafted PUT request containing an unexpected or malformed ueId (User Equipment Identifier). The improper handling of this input leads to dereferencing a NULL pointer, which causes the UDM service to panic and crash, resulting in a denial of service (DoS). The vulnerability can be exploited remotely without any authentication or user interaction, making it accessible to unauthenticated attackers. The impact is limited to availability, as the service crash disrupts the UDM’s ability to manage subscriber data and authentication functions within the 5G core network. The issue affects all deployments using the free5GC UDM component up to version 1.4.1. The free5gc project has addressed this vulnerability in pull request 76, which contains the necessary code fix. No direct workaround exists at the application level, so applying the official patch is the recommended remediation. The CVSS 4.0 vector (AV:N/AC:L/AT:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U) indicates network attack vector, low complexity, no privileges or user interaction required, no confidentiality or integrity impact, but high availability impact, with an overall medium severity score of 6.6.

This vulnerability poses a significant risk to organizations deploying free5GC UDM in their 5G core networks. A successful exploit results in a denial of service by crashing the UDM service, which is critical for subscriber data management and authentication in 5G networks. This disruption can lead to service outages affecting mobile subscribers, impacting network reliability and user experience. For mobile network operators and service providers relying on free5GC, this could translate into loss of revenue, customer dissatisfaction, and potential regulatory scrutiny. Since the vulnerability can be exploited remotely without authentication, attackers can cause widespread disruption with minimal effort. The lack of confidentiality or integrity impact limits the threat to availability, but given the critical role of UDM in 5G core operations, availability loss can have cascading effects on other network functions and services. The absence of a workaround means organizations must apply the patch promptly to mitigate risk.

1. Immediately apply the official patch provided in free5gc/udm pull request 76 to all affected UDM deployments running version 1.4.1 or earlier. 2. Implement network-level protections such as firewall rules or intrusion prevention systems (IPS) to restrict and monitor incoming PUT requests to the UDM service, especially from untrusted sources. 3. Deploy rate limiting and anomaly detection on the UDM API endpoints to detect and block suspicious or malformed requests that could trigger the vulnerability. 4. Conduct regular security audits and code reviews of open-source components integrated into 5G core networks to identify and remediate vulnerabilities proactively. 5. Maintain up-to-date backups and failover mechanisms for the UDM service to minimize downtime in case of exploitation. 6. Engage with the free5GC community and subscribe to security advisories to stay informed about future vulnerabilities and patches. 7. Consider network segmentation to isolate critical 5G core components, limiting the attack surface and exposure to external threats.