CVE-2026-2062 is a vulnerability affecting Open5GS, an open-source 5G core network implementation widely used for mobile network infrastructure. The issue resides in the PGW S5U Address Handler component, specifically within the functions sgwc_s5c_handle_modify_bearer_response and sgwc_sxa_handle_session_modification_response. These functions handle session modification responses related to bearer management in the 5G packet gateway. Due to improper handling of input data, an attacker can trigger a NULL pointer dereference, causing the affected process to crash and resulting in a denial of service (DoS). The vulnerability is remotely exploitable without requiring authentication or user interaction, increasing its risk profile. The CVSS 4.0 vector indicates network attack vector (AV:N), low attack complexity (AC:L), no privileges required (PR:N), no user interaction (UI:N), and low impact on availability (VA:L) with no impact on confidentiality or integrity. Although no active exploitation in the wild has been reported, publicly available exploit code increases the likelihood of attacks. The vulnerability affects Open5GS versions 2.7.0 through 2.7.6. The issue was addressed in a patch identified by commit f1bbd7b57f831e2a070780a7d8d5d4c73babdb59, which should be applied promptly to mitigate the risk. This vulnerability primarily threatens the availability of 5G core network services, potentially disrupting mobile data sessions and impacting end-user connectivity.

For European organizations, particularly telecom operators and mobile network providers deploying Open5GS in their 5G core infrastructure, this vulnerability poses a risk of service disruption through denial of service attacks. Such disruptions can degrade network reliability, affect customer experience, and lead to financial losses due to downtime and remediation costs. Critical services relying on mobile connectivity, including emergency services, IoT deployments, and enterprise communications, may be indirectly impacted. The vulnerability's remote exploitability without authentication increases the attack surface, making it attractive for threat actors aiming to disrupt network operations or cause reputational damage. Additionally, cascading failures in interconnected network components could amplify the impact. Given Europe's advanced 5G rollout and regulatory emphasis on network resilience, unpatched systems could face compliance and operational risks. The absence of confidentiality or integrity impact reduces the risk of data breaches but does not diminish the importance of maintaining availability in critical telecom infrastructure.

Organizations should immediately apply the official patch identified by commit f1bbd7b57f831e2a070780a7d8d5d4c73babdb59 to all affected Open5GS instances running versions 2.7.0 through 2.7.6. Network operators should conduct thorough inventory and version audits of their Open5GS deployments to identify vulnerable systems. Implement network segmentation and strict access controls to limit exposure of the PGW S5U Address Handler component to untrusted networks. Deploy monitoring and anomaly detection tools focused on detecting unusual session modification responses or process crashes indicative of exploitation attempts. Establish incident response procedures tailored to 5G core network components to rapidly address potential denial of service events. Consider redundancy and failover mechanisms within the 5G core to maintain service continuity during potential attacks. Engage with Open5GS community and vendors for timely updates and security advisories. Finally, conduct regular security assessments and penetration testing targeting 5G core network components to proactively identify and remediate vulnerabilities.