CVE-2025-8800 is a vulnerability identified in Open5GS, an open-source implementation of the 5G core network. The flaw exists in versions 2.7.0 through 2.7.5 within the AMF (Access and Mobility Management Function) component, specifically in the esm_handle_pdn_connectivity_request function located in the src/mme/esm-handler.c source file. This function is responsible for handling PDN (Packet Data Network) connectivity requests, which are critical for establishing data sessions in 5G networks. The vulnerability allows an attacker to remotely trigger a denial of service (DoS) condition by manipulating the PDN connectivity request handling process. The attack requires no authentication or user interaction and can be launched over the network, making it accessible to remote adversaries. The consequence of exploitation is a disruption of service availability in the affected Open5GS AMF component, potentially causing interruption of 5G core network operations reliant on this component. The issue is addressed in Open5GS version 2.7.6, which includes a patch identified by the commit hash 701505102f514cbde2856cd2ebc9bedb7efc820d. The CVSS v4.0 base score is 6.9, categorized as medium severity, reflecting the network attack vector, lack of required privileges or user interaction, and limited impact on confidentiality and integrity but significant impact on availability. No known exploits are reported in the wild as of the publication date, but the vulnerability's nature and ease of exploitation warrant prompt remediation in affected deployments.

For European organizations, especially telecommunications providers and enterprises deploying private 5G networks using Open5GS, this vulnerability poses a risk of service disruption. The denial of service could lead to temporary unavailability of 5G core network functions, affecting mobile broadband services, IoT connectivity, and critical communications infrastructure. This disruption can impact customer experience, operational continuity, and potentially critical services relying on 5G connectivity such as smart city applications, industrial automation, and emergency response systems. Given the increasing adoption of 5G technology across Europe, the vulnerability could have cascading effects on dependent services and business operations. Additionally, service providers may face regulatory and reputational consequences if network availability is compromised. Although no data confidentiality or integrity breach is indicated, the availability impact alone is significant in the context of telecommunications infrastructure.

European organizations should prioritize upgrading Open5GS deployments to version 2.7.6 or later to apply the official patch addressing CVE-2025-8800. Network operators should implement strict network segmentation and access controls to limit exposure of the AMF component to untrusted networks, reducing the attack surface. Deploying intrusion detection and prevention systems (IDPS) with signatures or heuristics to detect anomalous PDN connectivity requests can provide early warning and mitigation. Regular monitoring of AMF logs for unusual request patterns is advised. Organizations should also conduct thorough testing of the upgrade in controlled environments to ensure stability and compatibility. For private 5G deployments, enforcing strict authentication and authorization policies at the network edge can further reduce risk. Finally, maintaining up-to-date incident response plans tailored to 5G network disruptions will help minimize downtime and operational impact in case of exploitation.