CVE-2025-15531 | THREATINT

Description

A vulnerability was identified in Open5GS up to 2.7.5. This vulnerability affects the function sgwc_bearer_add of the file src/sgwc/context.c. The manipulation leads to reachable assertion. The attack is possible to be carried out remotely. The exploit is publicly available and might be used. The issue report is flagged as already-fixed.

PUBLISHED Reserved 2026-01-16 | Published 2026-01-17 | Updated 2026-02-23 | Assigner VulDB

MEDIUM: 6.9CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P

MEDIUM: 5.3CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C

MEDIUM: 5.3CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C

5.0AV:N/AC:L/Au:N/C:N/I:N/A:P/E:POC/RL:OF/RC:C

Problem types

Reachable Assertion

Timeline

2026-01-16:	Advisory disclosed
2026-01-16:	VulDB entry created
2026-01-18:	VulDB entry last update

Credits

LinZiyu (VulDB User) reporter

References

vuldb.com/?id.341598 (VDB-341598 | Open5GS context.c sgwc_bearer_add assertion) vdb-entry technical-description

vuldb.com/?ctiid.341598 (VDB-341598 | CTI Indicators (IOB, IOC, IOA)) signature permissions-required

vuldb.com/?submit.729339 (Submit #729339 | Open5GS SGWC v2.7.6 Denial of Service) third-party-advisory

github.com/open5gs/open5gs/issues/4233 issue-tracking

github.com/open5gs/open5gs/issues/4233 exploit issue-tracking

github.com/open5gs/open5gs/ product

cve.org (CVE-2025-15531)

nvd.nist.gov (CVE-2025-15531)

Download JSON