CVE-2025-8804 is a medium-severity vulnerability affecting Open5GS versions 2.7.0 through 2.7.5. Open5GS is an open-source implementation of the 5G core network, widely used for research, development, and some production deployments of 5G mobile networks. The vulnerability resides in the Access and Mobility Management Function (AMF) component, specifically within the ngap_build_downlink_nas_transport function. This function is responsible for constructing NG Application Protocol (NGAP) messages that carry NAS (Non-Access Stratum) transport messages downlink to user equipment. The flaw is a reachable assertion, meaning that under certain manipulated inputs, the code triggers an assertion failure, which can cause the AMF process to crash or behave unexpectedly. The vulnerability can be exploited remotely without any authentication or user interaction, making it accessible to unauthenticated attackers who can send crafted NGAP messages to the AMF. Although the vulnerability does not directly lead to code execution or data leakage, the denial of service caused by the assertion failure can disrupt 5G core network operations, impacting service availability. The issue has been publicly disclosed, and a patch is available in Open5GS version 2.7.6, identified by commit bca0a7b6e01d254f4223b83831162566d4626428. Organizations using affected Open5GS versions are strongly advised to upgrade to the patched release to mitigate this risk. No known exploits are currently observed in the wild, but the public disclosure increases the risk of exploitation attempts.

For European organizations, especially telecom operators, mobile virtual network operators (MVNOs), and enterprises deploying private 5G networks using Open5GS, this vulnerability poses a risk to network availability. A successful exploitation could cause the AMF component to crash, leading to service interruptions such as dropped connections, failed session establishments, or degraded network performance. This can affect critical communications infrastructure, emergency services, and business operations relying on 5G connectivity. Given the increasing adoption of 5G networks across Europe for industrial automation, IoT, and public safety, any disruption in the core network can have cascading effects on dependent services. Additionally, denial of service conditions in the core network may be leveraged as part of larger multi-vector attacks targeting telecom infrastructure. Although the vulnerability does not compromise confidentiality or integrity directly, the availability impact is significant in the context of telecom networks where uptime is critical.

1. Immediate upgrade to Open5GS version 2.7.6 or later where the patch addressing CVE-2025-8804 is applied. 2. Implement network-level filtering to restrict access to the AMF NGAP interface only to trusted and authenticated network elements, minimizing exposure to untrusted sources. 3. Deploy robust monitoring and anomaly detection on the AMF component to detect unusual NGAP message patterns or assertion failures promptly. 4. Use containerization or process isolation for Open5GS components to limit the blast radius of a crash and enable rapid recovery. 5. Establish automated failover and redundancy mechanisms for the AMF to maintain service continuity in case of crashes. 6. Regularly audit and update 5G core network components to incorporate security patches and follow best practices for secure configuration. 7. Engage with Open5GS community and security advisories to stay informed about emerging threats and patches.