CVE-2026-2525: Denial of Service in Free5GC
A vulnerability has been found in Free5GC up to 4.1.0. It affects an unknown function of the PFCP UDP Endpoint component. Manipulation of this component leads to denial of service. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
AI Analysis
Technical Summary
CVE-2026-2525 identifies a denial of service (DoS) vulnerability in Free5GC, an open-source 5G core network software, affecting versions 4.0 and 4.1.0. The vulnerability resides in an unspecified function within the PFCP (Packet Forwarding Control Protocol) UDP Endpoint component. PFCP is critical for control plane communication between the control and user plane functions in 5G networks. The flaw allows an attacker to send specially crafted UDP packets to the PFCP endpoint, causing the service to crash or become unresponsive, resulting in denial of service. The attack vector is network-based, requiring no authentication or user interaction, making it remotely exploitable with low complexity. The CVSS 4.0 score of 6.9 (medium severity) reflects the vulnerability’s impact on availability (denial of service) without compromising confidentiality or integrity. Although no known exploits are currently active in the wild, the public disclosure of the exploit code increases the likelihood of future attacks. Free5GC is widely used by telecom operators, research institutions, and vendors for 5G core network deployments and testing, making this vulnerability significant for the 5G ecosystem. The lack of available patches at the time of disclosure necessitates immediate risk mitigation through network controls and monitoring. This vulnerability highlights the importance of securing control plane protocols in 5G networks to maintain service continuity and reliability.
Potential Impact
The primary impact of CVE-2026-2525 is the disruption of 5G core network services due to denial of service conditions triggered by malicious PFCP UDP packets. This can lead to unavailability of critical 5G network functions such as session management, user plane control, and mobility management, potentially affecting end-user connectivity and service quality. For telecom operators and service providers, this could result in network outages, degraded user experience, and financial losses. Additionally, denial of service in the core network may cascade to impact dependent services and applications relying on 5G connectivity, including IoT deployments, emergency services, and enterprise communications. The remote and unauthenticated nature of the exploit increases the risk of widespread attacks, especially if threat actors automate exploitation attempts. While confidentiality and integrity are not directly impacted, the availability disruption alone can have severe operational consequences. Organizations using Free5GC in production or testing environments must consider the risk of service interruptions and potential reputational damage. The vulnerability also underscores the need for robust network segmentation and monitoring to detect and mitigate anomalous traffic targeting control plane protocols.
Mitigation Recommendations
1. Apply patches or updates from Free5GC maintainers as soon as they become available to address the vulnerability in the PFCP UDP Endpoint component.
2. Implement network-level filtering to restrict access to PFCP UDP ports (typically UDP port 8805) only to trusted and authenticated network elements, minimizing exposure to untrusted sources.
3. Deploy intrusion detection and prevention systems (IDS/IPS) with signatures or heuristics to detect anomalous or malformed PFCP packets indicative of exploitation attempts.
4. Use network segmentation to isolate 5G core network components from general enterprise or internet-facing networks, reducing attack surface.
5. Monitor system logs and network traffic for unusual PFCP activity or service crashes to enable rapid detection and response.
6. Conduct regular security assessments and penetration testing focused on 5G core network protocols and components.
7. Establish incident response plans specific to 5G network disruptions to minimize downtime and coordinate remediation.
8. Engage with Free5GC community and vendors for timely threat intelligence and updates related to this vulnerability.
9. Consider deploying redundancy and failover mechanisms in 5G core network architecture to maintain service continuity in case of DoS events.
10. Educate network operations teams about the risks associated with PFCP protocol exploitation and best practices for securing 5G core infrastructure.
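Recommendations 2 and 3 can be combined in a sensor that inspects datagrams arriving on the PFCP port: the sketch below is an added example, not Free5GC code and not a signature for this CVE (the affected function is unspecified), and it checks the source against a peer allowlist and the PFCP header and top-level IE lengths for structural consistency. The function name, the allowlist range and the sample Heartbeat Request are constructed for illustration; the header layout follows 3GPP TS 29.244.

```python
import ipaddress
import struct

# Assumption: constructed allowlist of trusted PFCP peers (documentation range).
TRUSTED_PEERS = [ipaddress.ip_network("192.0.2.0/28")]


def check_pfcp_datagram(src_ip, payload):
    """Return reasons to flag a datagram seen on UDP 8805; [] means it passed."""
    reasons = []
    if not any(ipaddress.ip_address(src_ip) in net for net in TRUSTED_PEERS):
        reasons.append("untrusted source")
    if len(payload) < 8:  # 4 fixed octets + 3-octet sequence number + 1 spare
        return reasons + ["truncated header"]
    flags, _msg_type, length = struct.unpack("!BBH", payload[:4])
    if flags >> 5 != 1:  # version lives in the top three bits
        reasons.append("bad version")
    hdr_len = 16 if flags & 0x01 else 8  # S flag adds an 8-octet SEID
    end = 4 + length  # the length field excludes the first 4 octets
    if end > len(payload) or end < hdr_len:
        return reasons + ["bad message length"]
    # Walk the top-level IEs: 2-octet type, 2-octet length, then the value.
    pos = hdr_len
    while pos < end:
        if end - pos < 4:
            reasons.append("truncated IE header")
            break
        _ie_type, ie_len = struct.unpack("!HH", payload[pos:pos + 4])
        pos += 4 + ie_len
        if pos > end:
            reasons.append("IE overruns message")
    return reasons


def sample_heartbeat():
    """Constructed, well-formed Heartbeat Request (type 1) for testing."""
    ie = struct.pack("!HH", 96, 4) + bytes(4)  # Recovery Time Stamp IE
    body = bytes([0, 0, 1, 0]) + ie            # sequence number + spare
    return struct.pack("!BBH", 0x20, 1, len(body)) + body


if __name__ == "__main__":
    pkt = sample_heartbeat()
    print(check_pfcp_datagram("192.0.2.5", pkt))       # trusted, well-formed
    print(check_pfcp_datagram("198.51.100.7", pkt))    # outside the allowlist
    print(check_pfcp_datagram("192.0.2.5", pkt[:6]))   # cut short
```

A datagram that passes these checks is only structurally plausible; the allowlist on the filtering device remains the primary control.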
Affected Countries
South Korea, Japan, United States, Germany, China, India, United Kingdom, France, Canada, Australia
Technical Details
- Data Version: 5.2
- Assigner Short Name: VulDB
- Date Reserved: 2026-02-15T08:45:10.248Z
- CVSS Version: 4.0
- State: PUBLISHED
Threat ID: 69927413bda29fb02f0e118c
Added to database: 2/16/2026, 1:34:11 AM
Last enriched: 2/23/2026, 9:14:58 PM
Last updated: 4/6/2026, 1:05:59 PM