CVE-2026-1738 is a vulnerability identified in Open5GS, an open-source 5G core network implementation widely used for mobile network infrastructure. The flaw resides in the SGWC (Serving Gateway Control) component, specifically in the sgwc_tunnel_add function located in the /src/sgwc/context.c source file. The vulnerability arises when the function processes the pdr (Packet Detection Rule) argument; crafted input can cause a reachable assertion failure. This means that under certain manipulated conditions, the program encounters an assertion statement that fails, leading to abnormal termination or denial of service. The vulnerability can be triggered remotely without requiring any authentication or user interaction, increasing its risk profile. The CVSS 4.0 vector indicates network attack vector (AV:N), low attack complexity (AC:L), no privileges required (PR:N), no user interaction (UI:N), and low impact on availability (VA:L) with no impact on confidentiality or integrity. Although exploit code has been published, there are no confirmed reports of active exploitation in the wild. The issue has been addressed in versions beyond 2.7.6, and users are advised to upgrade or apply patches to mitigate the risk. The vulnerability primarily threatens the availability of the affected system by causing crashes or service interruptions in the SGWC component, which is critical for 5G packet routing and session management.

The primary impact of CVE-2026-1738 is on the availability of 5G core network services relying on Open5GS. Exploitation can cause assertion failures leading to crashes or denial of service in the SGWC component, disrupting packet routing and session continuity for mobile subscribers. This can degrade network performance, cause dropped connections, and impact user experience. For organizations operating 5G infrastructure, such disruptions can lead to service outages, financial losses, and reputational damage. Additionally, denial of service in core network elements can affect emergency communications and critical services relying on mobile connectivity. While the vulnerability does not directly compromise confidentiality or integrity, the availability impact alone is significant given the essential role of SGWC in 5G networks. The remote and unauthenticated nature of the exploit increases the risk of automated attacks or exploitation by malicious actors scanning for vulnerable systems.

To mitigate CVE-2026-1738, organizations should immediately upgrade Open5GS to a version later than 2.7.6 where the vulnerability is fixed. If upgrading is not immediately feasible, applying any available patches or backported fixes from the Open5GS maintainers is critical. Network operators should implement strict network segmentation and firewall rules to restrict access to the SGWC interfaces, limiting exposure to untrusted networks. Monitoring and alerting for abnormal SGWC process crashes or assertion failures can help detect exploitation attempts early. Employing intrusion detection systems (IDS) with signatures for known exploit patterns can provide additional defense. Regularly auditing and updating 5G core network components and dependencies reduces exposure to known vulnerabilities. Finally, maintaining an incident response plan tailored to 5G infrastructure disruptions will help minimize downtime and impact if exploitation occurs.