CVE-2026-33283 is a NULL pointer dereference vulnerability (CWE-476) affecting Ella Core, a 5G core solution used primarily in private 5G networks. The issue arises when the core processes uplink NAS Transport messages that are malformed by lacking a Request Type field. In versions prior to 1.6.0, this causes the core process to panic and crash due to dereferencing a NULL pointer, leading to a denial of service condition. The vulnerability requires no authentication and can be exploited remotely by sending crafted NAS messages to the core network component. The impact is limited to availability, as no confidentiality or integrity compromise is indicated. The vulnerability is addressed in version 1.6.0 by adding a guard clause that prevents dereferencing when no SM context exists and the Request Type is missing. The CVSS v3.1 base score is 6.5 (medium), reflecting the network attack vector, low attack complexity, no user interaction, and no impact on confidentiality or integrity. No public exploits or active exploitation have been reported to date. This vulnerability highlights the importance of robust input validation in telecom core network components, especially those handling critical signaling messages like NAS. Given the critical role of 5G core networks in subscriber connectivity, such crashes can cause significant service disruptions.

The primary impact of this vulnerability is denial of service (DoS) against the affected 5G core network component, resulting in service disruption for all subscribers connected through the vulnerable Ella Core instance. This can lead to loss of network availability, affecting voice, data, and signaling services in private 5G deployments. While confidentiality and integrity are not directly impacted, the loss of availability can have severe operational consequences, especially in industrial, enterprise, or critical infrastructure environments relying on private 5G networks for communications. Attackers do not require authentication, increasing the risk of exploitation from within or near the network perimeter. The scope is limited to deployments using Ella Core versions prior to 1.6.0, but given the growing adoption of private 5G networks worldwide, the potential impact on organizations using this product can be significant. Disruptions could affect manufacturing, logistics, healthcare, or other sectors relying on private 5G for mission-critical applications.

1. Upgrade affected Ella Core deployments to version 1.6.0 or later, which includes the fix preventing NULL pointer dereference on malformed NAS messages. 2. Implement network-level filtering and validation to detect and block malformed UL NAS Transport messages lacking a Request Type before they reach the core network. 3. Deploy anomaly detection systems to monitor NAS signaling traffic for unusual or malformed message patterns indicative of exploitation attempts. 4. Restrict access to the 5G core network interfaces to trusted sources only, minimizing exposure to unauthenticated attackers. 5. Conduct regular security assessments and fuzz testing on NAS message handling components to identify and remediate similar input validation issues proactively. 6. Maintain up-to-date incident response plans to quickly address service disruptions caused by potential exploitation. 7. Collaborate with the vendor for timely patches and security advisories related to Ella Core.