CVE-2025-8804: Reachable Assertion in Open5GS
A vulnerability was found in Open5GS up to 2.7.5. It affects the function ngap_build_downlink_nas_transport of the AMF component. The manipulation leads to a reachable assertion. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 2.7.6 addresses this issue. The identifier of the patch is bca0a7b6e01d254f4223b83831162566d4626428. It is recommended to upgrade the affected component.
AI Analysis
Technical Summary
CVE-2025-8804 is a medium-severity vulnerability affecting Open5GS versions 2.7.0 through 2.7.5. Open5GS is an open-source implementation of the 5G core network, widely used for research, testing, and in some production environments. The vulnerability resides in the AMF (Access and Mobility Management Function) component, specifically in the function ngap_build_downlink_nas_transport. This function is responsible for constructing downlink NAS (Non-Access Stratum) transport messages, which are critical for signaling between the core network and user equipment. The flaw allows an attacker to remotely trigger a reachable assertion: an assertion in the code whose checked condition can be made to fail by external input, at which point the program aborts. Crashing the AMF in this way causes a denial of service (DoS), disrupting the 5G core network's ability to manage mobility and session states. The vulnerability requires no authentication or user interaction and can be exploited remotely over the network, which increases its risk profile. The CVSS 4.0 base score is 6.9, reflecting a medium severity level with network attack vector, low complexity, no privileges required, and no user interaction needed. The vulnerability has been publicly disclosed, and a patch fixing the issue is available in Open5GS version 2.7.6, identified by commit bca0a7b6e01d254f4223b83831162566d4626428. No known exploits in the wild have been reported yet, but the public disclosure means attackers could develop exploits. This vulnerability primarily threatens the availability of 5G core network services by causing crashes in the AMF component, potentially leading to service interruptions or degraded network performance.
Potential Impact
For European organizations, especially telecom operators and enterprises deploying private 5G networks using Open5GS, this vulnerability poses a significant risk to network availability. The AMF is a critical function in the 5G core responsible for managing user equipment registration, mobility, and session management. Successful exploitation that crashes the AMF can disrupt mobile connectivity, degrade service quality, and potentially impact emergency services relying on 5G networks. This can lead to customer dissatisfaction, regulatory scrutiny, and financial losses. Additionally, organizations relying on Open5GS for research or testing could face operational disruptions. Given the increasing adoption of 5G in Europe for industrial automation, smart cities, and critical infrastructure, any disruption in core network functions can have cascading effects on dependent services. While confidentiality and integrity impacts are not evident from this vulnerability, the availability impact alone is critical for maintaining continuous 5G service delivery.
Mitigation Recommendations
European organizations using Open5GS should prioritize upgrading to version 2.7.6 or later, which contains the patch for this vulnerability. Network operators should implement strict network segmentation and firewall rules to limit exposure of the AMF component to untrusted networks, reducing the attack surface. Monitoring and alerting should be enhanced to detect abnormal AMF crashes or restarts, enabling rapid incident response. Employing redundancy and failover mechanisms for the AMF can mitigate service disruption during an attack. Organizations should also conduct regular security assessments and penetration tests on their 5G core deployments to identify and remediate similar issues proactively. For private 5G deployments, restricting access to management interfaces and applying zero-trust principles can further reduce risk. Finally, maintaining up-to-date threat intelligence feeds and subscribing to vulnerability advisories will help organizations respond promptly to emerging exploits related to this vulnerability.
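One way to implement the crash monitoring recommended above, as an added example that is not part of the original advisory or of Open5GS: it scans journal lines for SIGABRT exits of the AMF, attributes each to the preceding assertion message, and flags a crash loop. The unit name `open5gs-amfd`, the `journalctl -o short-iso` line shape, the assertion message format and the sample lines are assumptions constructed for illustration.

```python
import re
from datetime import datetime, timedelta

UNIT = "open5gs-amfd"  # assumed systemd unit / process name for the AMF
LINE_RE = re.compile(r"^(\S+) \S+ (\S+?)(?:\[\d+\])?: (.*)$")
ASSERT_RE = re.compile(r"(\w+): Assertion `(.+)' failed")
ABORT_RE = re.compile(rf"{re.escape(UNIT)}\.service: Main process exited, .*status=6/ABRT")

# Constructed sample lines (not real output); `<expr>` is a placeholder because
# the advisory does not give the failing expression.
SAMPLE_LOG = """\
2025-08-10T10:17:41+0000 core1 open5gs-amfd[812]: [amf] FATAL: ngap_build_downlink_nas_transport: Assertion `<expr>' failed.
2025-08-10T10:17:41+0000 core1 systemd[1]: open5gs-amfd.service: Main process exited, code=dumped, status=6/ABRT
2025-08-10T10:19:03+0000 core1 open5gs-amfd[840]: [amf] FATAL: ngap_build_downlink_nas_transport: Assertion `<expr>' failed.
2025-08-10T10:19:03+0000 core1 systemd[1]: open5gs-amfd.service: Main process exited, code=dumped, status=6/ABRT
2025-08-10T10:21:30+0000 core1 systemd[1]: open5gs-amfd.service: Main process exited, code=dumped, status=6/ABRT
2025-08-10T11:40:00+0000 core1 systemd[1]: open5gs-smfd.service: Main process exited, code=dumped, status=6/ABRT
"""

def amf_aborts(log_text):
    """Return [(timestamp, asserting_function_or_None)] per SIGABRT exit of the AMF."""
    aborts, last_assert = [], None
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue
        ts = datetime.strptime(m.group(1), "%Y-%m-%dT%H:%M:%S%z")
        ident, msg = m.group(2), m.group(3)
        failed = ASSERT_RE.search(msg)
        if ident == UNIT and failed:
            last_assert = failed.group(1)      # remember which function asserted
        elif ident == "systemd" and ABORT_RE.search(msg):
            aborts.append((ts, last_assert))   # abort with its likely cause
            last_assert = None
    return aborts

def crash_loop_alerts(aborts, threshold=3, window=timedelta(minutes=10)):
    """Return abort timestamps at which `threshold` aborts fall inside `window`."""
    times = [ts for ts, _ in aborts]
    alerts = []
    for i, ts in enumerate(times):
        recent = [t for t in times[: i + 1] if ts - t <= window]
        if len(recent) >= threshold:
            alerts.append(ts)
    return alerts
```

Repeated aborts attributed to `ngap_build_downlink_nas_transport` on a version before 2.7.6 are a strong signal to apply the upgrade and to review which networks can reach the AMF.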
Affected Countries
Germany, France, United Kingdom, Italy, Spain, Netherlands, Sweden, Finland, Poland, Belgium
Technical Details
- Data Version: 5.1
- Assigner Short Name: VulDB
- Date Reserved: 2025-08-09T07:40:27.192Z
- CVSS Version: 4.0
- State: PUBLISHED
Threat ID: 689871c7ad5a09ad0017a35c
Added to database: 8/10/2025, 10:17:43 AM
Last enriched: 8/18/2025, 12:42:22 AM
Last updated: 9/21/2025, 4:47:38 AM