CVE-2025-8698: Reachable Assertion in Open5GS
A vulnerability was found in Open5GS up to 2.7.5. It has been classified as problematic. Affected is the function amf_nsmf_pdusession_handle_release_sm_context of the file src/amf/nsmf-handler.c of the component AMF Service. The manipulation leads to reachable assertion. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used. The name of the patch is 66bc558e417e70ae216ec155e4e81c14ae0ecf30. It is recommended to apply a patch to fix this issue.
AI Analysis
Technical Summary
CVE-2025-8698 is a medium-severity vulnerability in Open5GS, an open-source implementation of the 5G core network. The flaw exists in versions 2.7.0 through 2.7.5 in the AMF (Access and Mobility Management Function) Service component, specifically in the function amf_nsmf_pdusession_handle_release_sm_context in src/amf/nsmf-handler.c. It is a reachable assertion: crafted local input can drive the function into an assertion failure, which causes the program to abort unexpectedly and can lead to denial of service or disruption of the affected AMF service. Exploitation requires local access with low privileges (PR:L) and no user interaction, which limits remote exploitability but leaves it a concern for insiders or compromised local accounts. Beyond causing service disruption, the vulnerability does not affect confidentiality or integrity. The CVSS 4.0 base score is 4.8 (medium), reflecting the limited scope and local attack vector. A patch identified by commit 66bc558e417e70ae216ec155e4e81c14ae0ecf30 has been released to address this issue. No known exploits are currently observed in the wild, but public disclosure means attackers could develop exploits. Given Open5GS's role in 5G core networks, this vulnerability could affect network stability and reliability if exploited, especially in environments where Open5GS is deployed as a core network component.
Potential Impact
For European organizations, especially telecom operators and enterprises deploying private 5G networks using Open5GS, this vulnerability could lead to service interruptions in the AMF component, which is critical for managing user mobility and session contexts. Disruptions could degrade network performance or cause temporary denial of service, impacting end-user connectivity and service availability. While the vulnerability requires local access, compromised internal systems or insider threats could exploit it to destabilize network functions. This could affect critical infrastructure providers, industrial automation relying on 5G, and public safety networks. The impact is primarily on availability and operational continuity rather than data breach or unauthorized access. Given the increasing adoption of Open5GS in private and public 5G deployments across Europe, the vulnerability poses a tangible risk to network reliability and service quality.
Mitigation Recommendations
Organizations should promptly apply the official patch identified by commit 66bc558e417e70ae216ec155e4e81c14ae0ecf30 to all affected Open5GS instances. Beyond patching, it is critical to enforce strict access controls to limit local access to the AMF service hosts, including implementing robust authentication and authorization mechanisms for administrative and operational accounts. Network segmentation should isolate core network components to reduce the risk of local exploitation. Continuous monitoring and logging of AMF service behavior can help detect abnormal assertion failures or crashes indicative of exploitation attempts. Additionally, conducting regular security audits and penetration testing focusing on local privilege escalation and insider threat vectors will help identify and remediate potential attack paths. Organizations should also maintain up-to-date incident response plans tailored to 5G core network disruptions.
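One way to implement the monitoring recommendation above is to scan AMF logs for fatal assertion lines that name the affected function and file. This is an added example, not code from Open5GS or from the advisory; the log line shape is an assumption to verify against your own AMF logs, and the sample lines (including EXPR_PLACEHOLDER, line number 0 and the hypothetical_other_handler name) are constructed.

```python
import re
from collections import Counter

# Assumed line shape (check against your own AMF logs):
# MM/DD HH:MM:SS.mmm: [amf] FATAL: <func>: Assertion `<expr>' failed. (<file>:<line>)
ASSERT_RE = re.compile(
    r"^(?P<ts>\d{2}/\d{2} \d{2}:\d{2}:\d{2}\.\d{3}): \[(?P<domain>\w+)\] FATAL: "
    r"(?P<func>\w+): Assertion `(?P<expr>.*)' failed\. "
    r"\((?P<file>[^:()]+):(?P<line>\d+)\)"
)

# Function and source file named in the advisory for CVE-2025-8698.
CVE_FUNC = "amf_nsmf_pdusession_handle_release_sm_context"
CVE_FILE = "src/amf/nsmf-handler.c"

# Constructed sample; EXPR_PLACEHOLDER and line 0 stand in for values not on the page.
SAMPLE_LOG = """\
08/15 01:13:40.002: [amf] INFO: constructed informational line
08/15 01:13:41.120: [amf] FATAL: amf_nsmf_pdusession_handle_release_sm_context: Assertion `EXPR_PLACEHOLDER' failed. (../src/amf/nsmf-handler.c:0)
08/15 01:13:55.310: [amf] ERROR: constructed error line mentioning Assertion text
08/15 01:14:02.877: [amf] FATAL: amf_nsmf_pdusession_handle_release_sm_context: Assertion `EXPR_PLACEHOLDER' failed. (../src/amf/nsmf-handler.c:0)
08/15 01:20:11.450: [amf] FATAL: hypothetical_other_handler: Assertion `EXPR_PLACEHOLDER' failed. (../src/amf/hypothetical.c:0)
"""

def scan(lines):
    """Split fatal assertion lines into CVE-2025-8698 hits and all others."""
    cve_hits, others = [], Counter()
    for raw in lines:
        m = ASSERT_RE.match(raw.strip())
        if m is None:
            continue  # not a fatal assertion line
        if m["func"] == CVE_FUNC and m["file"].endswith(CVE_FILE):
            cve_hits.append(m["ts"])
        else:
            others[(m["func"], m["file"])] += 1
    return cve_hits, others

def triage(lines, repeat_threshold=2):
    """Grade the log: repeated aborts in the affected function deserve escalation."""
    cve_hits, others = scan(lines)
    if len(cve_hits) >= repeat_threshold:
        verdict = "repeated-abort"
    elif cve_hits:
        verdict = "single-abort"
    else:
        verdict = "clear"
    return {"verdict": verdict, "cve_hits": cve_hits, "other_asserts": dict(others)}

if __name__ == "__main__":
    print(triage(SAMPLE_LOG.splitlines()))
```

A hit on a host that already runs the patched build points to a different assertion path or a stale binary, so compare the result against the deployed version.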
Affected Countries
Germany, France, United Kingdom, Italy, Spain, Netherlands, Sweden, Finland, Poland
Technical Details
- Data Version: 5.1
- Assigner Short Name: VulDB
- Date Reserved: 2025-08-07T10:49:59.274Z
- CVSS Version: 4.0
- State: PUBLISHED
Threat ID: 689510f0ad5a09ad00fcd0df
Added to database: 8/7/2025, 8:47:44 PM
Last enriched: 8/15/2025, 1:13:41 AM
Last updated: 8/15/2025, 1:28:17 AM