CVE-2025-70121 identifies a critical vulnerability in the Access and Mobility Management Function (AMF) component of free5GC version 4.0.1, an open-source 5G core network implementation. The vulnerability arises from an array index out of bounds error within the GetSUCI method in the NAS_MobileIdentity5GS.go source file. Specifically, when processing a NAS Registration Request message containing a crafted 5GS Mobile Identity, the code attempts to access the sixth element (index 5) of a 5-element array, which is out of bounds. This leads to a runtime panic in the Go language environment, causing the AMF process to crash and become unavailable. The AMF is a critical 5G core network function responsible for mobility management and session handling. The flaw can be triggered remotely by an attacker sending a malicious NAS Registration Request without requiring authentication or user interaction, enabling a denial of service (DoS) attack that disrupts network availability. While no public exploits are currently known, the vulnerability's nature and the critical role of the AMF make it a significant threat. The lack of a CVSS score indicates that the vulnerability is newly published and pending further assessment. The vulnerability affects free5GC v4.0.1, and no patches or mitigations are currently linked, emphasizing the need for immediate attention from operators using this software.

The primary impact of CVE-2025-70121 is a denial of service condition in the 5G core network's AMF component, which can lead to service outages or degraded network performance. For European organizations, especially telecom operators deploying free5GC as part of their 5G infrastructure, this vulnerability threatens the availability of mobile services, potentially affecting millions of subscribers. Disruptions in the AMF can cascade, impacting authentication, mobility management, and session continuity, thereby degrading user experience and possibly causing regulatory compliance issues related to service availability. Given the increasing reliance on 5G for critical communications, IoT, and enterprise applications, such outages could have broader economic and operational consequences. The vulnerability does not directly compromise confidentiality or integrity but poses a significant risk to network stability and resilience.

To mitigate CVE-2025-70121, European 5G network operators using free5GC v4.0.1 should prioritize the following actions: 1) Apply any available patches or updates from the free5GC project that address the array bounds checking in the GetSUCI method. 2) If patches are not yet available, implement input validation at the NAS message processing layer to ensure that the 5GS Mobile Identity array is properly bounded before access. 3) Deploy runtime monitoring and anomaly detection to identify and block malformed NAS Registration Requests that could trigger the vulnerability. 4) Consider network-level filtering or rate limiting of NAS messages from untrusted sources to reduce attack surface. 5) Engage with the free5GC community and vendors for timely updates and advisories. 6) Conduct thorough testing of the AMF component under malformed input scenarios to validate robustness. These steps go beyond generic advice by focusing on source code validation, runtime protections, and community collaboration.