
CVE-2026-1737: Reachable Assertion in Open5GS

Severity: Medium
Type: Vulnerability
Published: Mon Feb 02 2026 (02/02/2026, 01:02:07 UTC)
Source: CVE Database V5
Product: Open5GS

Description

A vulnerability was detected in Open5GS up to 2.7.6. The affected element is the function sgwc_s5c_handle_create_bearer_request of the file /src/sgwc/s5c-handler.c of the component CreateBearerRequest Handler. Performing a manipulation results in reachable assertion. Remote exploitation of the attack is possible. The exploit is now public and may be used. To fix this issue, it is recommended to deploy a patch. The issue report is flagged as already-fixed.

AI-Powered Analysis

Last updated: 02/02/2026, 01:42:07 UTC

Technical Analysis

CVE-2026-1737 is a vulnerability identified in Open5GS, an open-source 5G core network implementation widely used for mobile network infrastructure. The flaw exists in the function sgwc_s5c_handle_create_bearer_request within the CreateBearerRequest Handler component, specifically in the file /src/sgwc/s5c-handler.c. This vulnerability manifests as a reachable assertion failure, which can be triggered remotely without requiring any authentication or user interaction. An assertion failure typically causes the affected process to terminate unexpectedly, leading to denial of service (DoS). The vulnerability affects all Open5GS versions from 2.7.0 through 2.7.6. The CVSS 4.0 vector indicates a network attack vector (AV:N), low attack complexity (AC:L), no privileges required (PR:N), and no user interaction (UI:N), with a low impact on availability and no impact on confidentiality or integrity, resulting in a score of 6.9 (medium severity). The exploit code has been publicly disclosed, increasing the risk of exploitation, although no active exploitation has been reported yet. The issue has been fixed in subsequent Open5GS releases, and users are strongly advised to apply the patch to prevent potential service outages in 5G core network components.

Potential Impact

The primary impact of CVE-2026-1737 is denial of service on the 5G core network component responsible for bearer creation, which is critical for establishing user data sessions. For European organizations, especially telecom operators and infrastructure providers deploying Open5GS, exploitation could disrupt mobile network services, affecting end-user connectivity and potentially causing widespread service degradation. This could impact emergency services, enterprise communications, and consumer mobile data access. Given the remote and unauthenticated nature of the vulnerability, attackers could cause outages without insider access, increasing the threat surface. The disruption of 5G bearer management could also affect IoT devices and critical infrastructure relying on 5G connectivity. While no data confidentiality or integrity compromise is indicated, availability impacts on telecom infrastructure can have cascading effects on dependent services and economic activities.

Mitigation Recommendations

European organizations using Open5GS should immediately upgrade to the latest patched version beyond 2.7.6 where this vulnerability is resolved. Network operators should implement strict network segmentation and firewall rules to limit access to the 5G core network interfaces, reducing exposure to external attackers. Continuous monitoring for unusual assertion failures or process crashes in the sgwc component should be established to detect exploitation attempts. Employing redundancy and failover mechanisms in the 5G core network can mitigate service disruption risks. Additionally, operators should review and harden their overall 5G core security posture, including applying security patches promptly, conducting regular vulnerability assessments, and restricting administrative access. Collaboration with vendors and sharing threat intelligence within European telecom security communities will enhance early detection and response capabilities.
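
The monitoring recommendation above, as an added example (not code from Open5GS or from this page): a Python triage over sgwc log lines that picks out assertion failures in the function the advisory names and flags repeated crashes in a short window. The log line layout, the 10-minute window, the `year` parameter and the sample lines are assumptions constructed for illustration.

```python
import re
from datetime import datetime, timedelta

# Assumption: log lines look like "MM/DD HH:MM:SS.mmm: [domain] LEVEL: message"
# and a failed assertion is logged at FATAL as
# "<function>: Assertion `<expr>' failed. (<file>:<line>)".
LINE = re.compile(
    r"^(?P<ts>\d\d/\d\d \d\d:\d\d:\d\d\.\d{3}): \[(?P<dom>[^\]]+)\] "
    r"(?P<lvl>[A-Z]+): (?P<msg>.*)$"
)
ASSERTION = re.compile(r"^(?P<func>\w+): Assertion `(?P<expr>.*)' failed\. \((?P<loc>[^)]*)\)")

WATCHED_FUNC = "sgwc_s5c_handle_create_bearer_request"  # named in the advisory
WATCHED_FILE = "src/sgwc/s5c-handler.c"                 # named in the advisory

# Constructed sample input; EXPR and line number 0 are placeholders, not real values.
SAMPLE_LOG = """\
02/02 01:10:03.114: [app] INFO: SGW-C initialize...done (../src/sgwc/app.c:0)
02/02 01:12:41.902: [sgwc] FATAL: sgwc_s5c_handle_create_bearer_request: Assertion `EXPR' failed. (../src/sgwc/s5c-handler.c:0)
02/02 01:12:47.310: [app] INFO: SGW-C initialize...done (../src/sgwc/app.c:0)
02/02 01:15:09.554: [sgwc] FATAL: sgwc_s5c_handle_create_bearer_request: Assertion `EXPR' failed. (../src/sgwc/s5c-handler.c:0)
02/02 03:40:00.001: [sgwc] FATAL: other_handler: Assertion `EXPR' failed. (../src/sgwc/other.c:0)
"""

def find_assertions(lines, year=2026):
    """Return (timestamp, function, location) for every FATAL assertion line."""
    hits = []
    for line in lines:
        m = LINE.match(line.strip())
        a = ASSERTION.match(m["msg"]) if m and m["lvl"] == "FATAL" else None
        if a:
            ts = datetime.strptime(f"{year}/{m['ts']}", "%Y/%m/%d %H:%M:%S.%f")
            hits.append((ts, a["func"], a["loc"]))
    return hits

def triage(hits, window=timedelta(minutes=10), threshold=2):
    """Count hits matching the advisory and flag repeated crashes within a window."""
    times = sorted(t for t, func, loc in hits
                   if func == WATCHED_FUNC and WATCHED_FILE in loc)
    repeated = any(
        sum(1 for t in times if start <= t < start + window) >= threshold
        for start in times
    )
    return {"total": len(hits), "cve_match": len(times), "repeated": repeated}

if __name__ == "__main__":
    print(triage(find_assertions(SAMPLE_LOG.splitlines())))
```

A single match is worth a look at the deployed version; repeated matches within the window, each followed by a restart, are the pattern to alert on.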


Technical Details

Data Version: 5.2
Assigner Short Name: VulDB
Date Reserved: 2026-02-01T07:44:41.406Z
CVSS Version: 4.0
State: PUBLISHED

Threat ID: 697ffd93ac0632022270663c

Added to database: 2/2/2026, 1:27:47 AM

Last enriched: 2/2/2026, 1:42:07 AM

Last updated: 2/7/2026, 11:36:16 AM
