CVE-2025-8799 is a medium-severity denial of service (DoS) vulnerability affecting Open5GS versions 2.7.0 through 2.7.5. Open5GS is an open-source implementation of 5G core network components, widely used for research, development, and in some production environments for 5G mobile networks. The vulnerability resides in the AMF (Access and Mobility Management Function) component, specifically within the functions amf_npcf_am_policy_control_build_create and amf_nsmf_pdusession_build_create_sm_context in the source file src/amf/npcf-build.c. An attacker can remotely manipulate these functions to trigger a denial of service condition, causing the affected AMF component to crash or become unresponsive. The vulnerability requires no authentication or user interaction and can be exploited over the network, making it remotely exploitable with low complexity. The CVSS 4.0 score is 6.9 (medium), reflecting the lack of confidentiality, integrity, or availability impact beyond DoS, but with ease of exploitation and no privileges required. A public exploit has been disclosed, increasing the risk of exploitation, although no known widespread attacks have been reported yet. The issue is addressed in Open5GS version 2.7.6, with a patch identified by commit cf63dd63197bf61a4b041aa364ba6a6199ab15e4. Organizations running vulnerable versions should upgrade promptly to mitigate the risk. Given Open5GS’s role in 5G core networks, disruption of the AMF can impact subscriber mobility management and session establishment, potentially degrading network availability and service continuity.

For European organizations, especially telecom operators, mobile network infrastructure providers, and enterprises deploying private 5G networks using Open5GS, this vulnerability poses a significant risk to network availability. A successful DoS attack on the AMF component can disrupt subscriber authentication, mobility management, and session control, leading to service outages or degraded user experience. This can affect critical communications, emergency services, and business operations relying on 5G connectivity. The impact extends to 5G network slices used for industrial automation, IoT, and smart city applications, where availability is crucial. While the vulnerability does not directly compromise data confidentiality or integrity, the denial of service can cause operational disruptions and potential financial losses. The public availability of an exploit increases the urgency for mitigation. European telecom regulators and operators must consider this vulnerability in their risk assessments and incident response plans to maintain network resilience and compliance with service availability requirements.

1. Immediate upgrade of Open5GS to version 2.7.6 or later, which contains the patch addressing this vulnerability. 2. Implement network-level protections such as firewall rules and intrusion prevention systems to limit exposure of the AMF interfaces to untrusted networks, reducing the attack surface. 3. Monitor AMF component logs and network traffic for unusual patterns indicative of exploitation attempts, enabling early detection and response. 4. Employ rate limiting and anomaly detection on signaling messages to mitigate potential DoS attack vectors targeting the AMF. 5. Conduct regular vulnerability assessments and penetration testing on 5G core network components to identify and remediate similar issues proactively. 6. Develop and test incident response procedures specific to 5G core network disruptions to minimize downtime in case of exploitation. 7. Collaborate with Open5GS community and vendors for timely updates and security advisories.