The vulnerability identified as CVE-2026-33063 affects the Authentication Server Function (AUSF) component of free5GC, an open-source 5G core network implementation. Specifically, versions prior to 1.4.2 contain an improper null check (CWE-476) in the GetSupiFromSuciSupiMap function. This function attempts to convert an interface{} type to a pointer of type *context.SuciSupiMap without verifying if the interface holds a nil value. When a crafted UE authentication request is sent to the AUSF endpoint (/nausf-auth/v1/ue-authentications), it can trigger this nil interface conversion, causing a runtime panic and crashing the AUSF service. Since AUSF is responsible for authenticating user equipment in the 5G core, its unavailability leads to denial of service, preventing legitimate UE authentication and potentially disrupting network access. The vulnerability is remotely exploitable over the network without any authentication or user interaction, making it highly accessible to attackers. The patch released in free5GC version 1.4.2 addresses this issue by adding proper nil checks before performing the interface conversion. No application-level workaround exists, so mitigation depends on patching or restricting API access to trusted entities. No known exploits are reported in the wild yet, but the vulnerability’s nature and impact make it a significant risk for deployments using affected versions of free5GC AUSF.

The primary impact of this vulnerability is a denial of service condition on the AUSF component of free5GC, which is critical for 5G UE authentication. Disruption of AUSF can prevent user equipment from authenticating to the 5G network, effectively blocking network access for subscribers. This can lead to widespread service outages in networks relying on free5GC, affecting telecom operators, enterprises, and service providers deploying open-source 5G core solutions. The denial of service could also be leveraged as part of a larger attack to degrade network availability or as a distraction while other attacks are conducted. Given the remote and unauthenticated nature of the exploit, attackers can easily target exposed AUSF endpoints, potentially causing large-scale outages. The impact on confidentiality and integrity is minimal, but the availability impact is high. This could affect customer trust, regulatory compliance, and operational continuity for organizations using free5GC AUSF. Additionally, the lack of direct workarounds increases the urgency for patching or network-level access controls.

1. Immediately upgrade free5GC AUSF to version 1.4.2 or later, which contains the patch fixing the null pointer dereference issue. 2. If immediate patching is not feasible, restrict access to the AUSF API endpoint (/nausf-auth/v1/ue-authentications) using network-level controls such as firewall rules, VPNs, or zero-trust network segmentation to allow only trusted and authenticated sources. 3. Implement monitoring and alerting on AUSF service crashes or panics to detect exploitation attempts promptly. 4. Conduct regular code audits and fuzz testing on critical 5G core components to identify similar null pointer or input validation issues proactively. 5. Employ runtime protection mechanisms such as container security policies or application-level watchdogs to automatically restart or isolate the AUSF service upon failure. 6. Collaborate with upstream free5GC maintainers to stay informed about security updates and best practices. 7. Harden the overall 5G core network architecture by limiting exposure of critical APIs to the public internet and enforcing strict authentication and authorization controls where possible.