CVE-2026-32319 is an out-of-bounds read vulnerability classified as CWE-125 affecting Ella Core, a 5G core network solution designed for private network deployments. The flaw exists in versions prior to 1.5.1, where the core panics upon receiving malformed integrity-protected NGAP or NAS messages with lengths under 7 bytes. Specifically, the vulnerability arises because the software attempts to read beyond the allocated buffer when processing these short messages, leading to a panic state that crashes the core process. This crash causes a denial-of-service (DoS) condition, disrupting service for all subscribers connected to the affected core. The vulnerability can be exploited remotely by an attacker capable of sending crafted NAS messages without requiring any authentication or user interaction, making it highly accessible to threat actors. The CVSS v3.1 base score is 7.5, reflecting a high severity due to the network attack vector, low attack complexity, no privileges required, no user interaction, and a significant impact on availability. The vulnerability does not impact confidentiality or integrity but solely availability. The issue was publicly disclosed on March 12, 2026, and fixed in Ella Core version 1.5.1. No public exploit code or active exploitation has been reported to date. Given the critical role of 5G core components in telecommunications infrastructure, this vulnerability poses a significant risk to private 5G network operators using affected versions.

The primary impact of CVE-2026-32319 is a denial-of-service condition caused by crashing the Ella Core process, which disrupts connectivity for all subscribers relying on the affected 5G core. This can lead to significant operational outages in private 5G networks, affecting enterprise communications, industrial automation, and other critical applications dependent on continuous 5G service. The lack of authentication requirement and ease of exploitation increase the risk of opportunistic attacks or targeted disruptions. Organizations operating private 5G networks with vulnerable Ella Core versions may experience service downtime, loss of productivity, and potential reputational damage. Additionally, prolonged outages could impact safety-critical systems or delay time-sensitive operations in sectors such as manufacturing, logistics, or healthcare that utilize private 5G deployments. While confidentiality and data integrity are not directly impacted, the availability disruption alone can have cascading effects on business continuity and operational resilience.

To mitigate CVE-2026-32319, organizations should immediately upgrade Ella Core to version 1.5.1 or later, where the vulnerability is fixed. Until patching is possible, network operators should implement strict filtering and validation of NGAP and NAS messages at network ingress points to block malformed or suspiciously short messages that could trigger the crash. Deploying anomaly detection systems to monitor for unusual NAS message patterns can help identify exploitation attempts early. Network segmentation and isolation of the 5G core from untrusted networks reduce exposure to remote attackers. Additionally, applying rate limiting on NAS message traffic can mitigate the risk of denial-of-service attacks. Operators should also maintain up-to-date incident response plans tailored to 5G core disruptions and conduct regular security assessments of their private 5G infrastructure. Close coordination with the vendor for timely updates and security advisories is essential to maintain a secure environment.