The vulnerability identified as CVE-2026-2523 affects Open5GS, an open-source 5G core network implementation widely used for research and production environments. Specifically, the issue resides in the SMF (Session Management Function) component within the function smf_gn_handle_create_pdp_context_request located in /src/smf/gn-handler.c. The flaw manifests as a reachable assertion triggered by crafted remote requests, which can cause the SMF process to terminate unexpectedly, resulting in denial of service conditions. The vulnerability requires no authentication or user interaction, making it remotely exploitable over the network. The CVSS 4.0 base score of 6.9 (medium severity) reflects the ease of exploitation (network attack vector, low attack complexity) and the impact limited primarily to availability (denial of service). The vulnerability was responsibly disclosed early to the Open5GS project, but no patch or official response has been released as of the publication date. The availability of public exploit code increases the risk of exploitation by malicious actors targeting 5G core networks that rely on Open5GS. Given the critical role of the SMF in managing session contexts and user plane routing in 5G networks, disruption can lead to service outages affecting subscribers and network operations.

For European organizations, particularly telecom operators and service providers deploying Open5GS in their 5G core networks, this vulnerability could lead to service disruptions through denial of service attacks against the SMF component. Such outages can degrade network reliability, impact subscriber connectivity, and potentially cause cascading failures in dependent network functions. The disruption of session management may also affect billing, lawful interception, and quality of service enforcement. Given the increasing reliance on 5G for critical infrastructure and enterprise services in Europe, exploitation could have broader economic and operational consequences. Additionally, the public availability of exploit code raises the likelihood of opportunistic attacks, increasing the urgency for mitigation. Organizations without timely patching or compensating controls may experience increased incident response costs and reputational damage.

Since no official patch has been released, European organizations should implement immediate compensating controls. These include restricting network access to the SMF interface by enforcing strict firewall rules and network segmentation to limit exposure to untrusted networks. Deploy intrusion detection and prevention systems (IDS/IPS) with signatures or anomaly detection tuned to identify attempts to exploit this reachable assertion. Monitor SMF logs and system health metrics for signs of crashes or abnormal behavior. Engage with the Open5GS community and maintain vigilance for forthcoming patches or updates addressing this vulnerability. Consider deploying redundant SMF instances with failover capabilities to minimize service impact. Additionally, conduct regular security assessments and penetration tests focusing on 5G core components to identify and remediate similar weaknesses proactively.