CVE-2025-8805: Denial of Service in Open5GS
A vulnerability was found in Open5GS up to 2.7.5. It affects the function smf_gsm_state_wait_pfcp_deletion in the file src/smf/gsm-sm.c of the SMF component. The manipulation leads to denial of service. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 2.7.6 addresses this issue. The patch is identified as c58b8f081986aaf2a312d73a0a17985518b47fe6. It is recommended to upgrade the affected component.
AI Analysis
Technical Summary
CVE-2025-8805 is a medium severity vulnerability affecting Open5GS versions 2.7.0 through 2.7.5. Open5GS is an open-source implementation of the 5G core network, widely used for mobile network infrastructure. The vulnerability resides in the SMF (Session Management Function) component, specifically in the function smf_gsm_state_wait_pfcp_deletion within the source file src/smf/gsm-sm.c. An attacker can remotely manipulate this function to trigger a denial of service (DoS) condition. The vulnerability does not require authentication, user interaction, or privileges, and can be exploited over the network, making it relatively easy to exploit. The attack causes the affected SMF component to become unresponsive or crash, disrupting session management in the 5G core network. This disruption can lead to service outages for mobile users relying on the affected infrastructure. The vulnerability has been publicly disclosed along with the exploit details, increasing the risk of exploitation. The issue is addressed in Open5GS version 2.7.6, which includes a patch identified by commit c58b8f081986aaf2a312d73a0a17985518b47fe6. Organizations running vulnerable versions are strongly advised to upgrade to the patched release to mitigate the risk.
Potential Impact
For European organizations, especially telecom operators and service providers deploying Open5GS as part of their 5G core infrastructure, this vulnerability poses a significant risk to network availability and service continuity. A successful DoS attack on the SMF component can disrupt session management, leading to dropped connections, failed session establishments, and degraded user experience for mobile subscribers. This can impact critical communications, emergency services, and enterprise customers relying on 5G connectivity. Additionally, prolonged outages could result in regulatory penalties and reputational damage. Given the increasing adoption of open-source 5G core solutions in Europe to reduce costs and increase flexibility, the exposure surface is notable. The vulnerability's remote exploitability without authentication further elevates the threat, as attackers do not need insider access or complex prerequisites. While the vulnerability does not directly compromise confidentiality or integrity, the availability impact on essential telecom infrastructure is critical.
Mitigation Recommendations
European organizations should immediately assess their Open5GS deployments to identify if versions 2.7.0 through 2.7.5 are in use. The primary mitigation is to upgrade to Open5GS version 2.7.6 or later, which contains the patch for this vulnerability. Network operators should implement strict network segmentation and firewall rules to limit access to the SMF component from untrusted networks, reducing exposure to remote exploitation. Monitoring and anomaly detection systems should be enhanced to detect unusual SMF behavior or service disruptions indicative of exploitation attempts. Additionally, organizations should review and harden their 5G core network configurations, ensuring that management interfaces are not exposed to the public internet. Regular vulnerability scanning and patch management processes must be enforced to promptly address similar vulnerabilities in the future. Finally, incident response plans should be updated to include scenarios involving 5G core DoS attacks to minimize downtime and coordinate rapid recovery.
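One way to carry out the version assessment described above, as an added example (not Open5GS project code and not part of the original advisory). The function names and sample version strings are hypothetical; everything below 2.7.6 is treated as affected, following the description's "up to 2.7.5", and builds made from a commit after an affected tag are flagged for a check against the patch commit.

```shell
#!/bin/sh
# Added example: version triage for CVE-2025-8805. Not Open5GS project code.
# Function names and sample strings are hypothetical/constructed.
FIX_COMMIT=c58b8f081986aaf2a312d73a0a17985518b47fe6  # patch id from the advisory

# classify_open5gs_version STRING -> affected | fixed | verify-commit | unknown
# Everything below 2.7.6 counts as affected ("up to 2.7.5" in the description).
classify_open5gs_version() {
    ver=$(printf '%s\n' "$1" | grep -oE '[0-9]+\.[0-9]+\.[0-9]+' | head -n 1)
    [ -n "$ver" ] || { echo unknown; return 0; }
    # git-describe suffix "-N-g<hash>": N commits after the tag (source build)
    ahead=$(printf '%s\n' "$1" |
        sed -n 's/.*[0-9]\.[0-9][0-9]*-\([0-9][0-9]*\)-g[0-9a-f][0-9a-f]*.*/\1/p')
    major=${ver%%.*}; rest=${ver#*.}; minor=${rest%%.*}; patch=${rest#*.}
    n=$((major * 1000000 + minor * 1000 + patch))
    if [ "$n" -ge 2007006 ]; then
        echo fixed
    elif [ -n "$ahead" ] && [ "$ahead" -gt 0 ]; then
        # Built from a commit after an affected tag: the fix may or may not
        # be included, so the checkout itself has to be inspected.
        echo verify-commit
    else
        echo affected
    fi
}

# has_fix_commit REPO_DIR -> patched | unpatched | unknown
# Asks git whether the fix commit is an ancestor of HEAD in a source checkout.
has_fix_commit() {
    rc=0
    git -C "$1" merge-base --is-ancestor "$FIX_COMMIT" HEAD 2>/dev/null || rc=$?
    case $rc in
        0) echo patched ;;
        1) echo unpatched ;;
        *) echo unknown ;;  # not a repository, shallow clone, or git missing
    esac
}

# Constructed sample strings, e.g. collected from an inventory of core hosts.
for s in "v2.7.5" "Open5GS daemon v2.7.6" "v2.7.5-34-g1a2b3c4" "n/a"; do
    printf '%-24s %s\n' "$s" "$(classify_open5gs_version "$s")"
done
```

For a host that reports `verify-commit`, run `has_fix_commit` against the source tree the binaries were built from; an `unknown` result there means the checkout could not answer and the build should be treated as affected until confirmed.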
Affected Countries
Germany, France, United Kingdom, Italy, Spain, Netherlands, Sweden, Finland, Poland, Belgium
Technical Details
- Data Version: 5.1
- Assigner Short Name: VulDB
- Date Reserved: 2025-08-09T07:43:25.628Z
- CVSS Version: 4.0
- State: PUBLISHED
Threat ID: 689878dcad5a09ad0017b498
Added to database: 8/10/2025, 10:47:56 AM
Last enriched: 8/18/2025, 12:42:34 AM
Last updated: 9/17/2025, 12:51:54 PM