CVE-2025-15531

Published: Jan 17, 2026Modified: Feb 23, 2026

5.5

Vector

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Show more

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:XShow less

Source: CNA (Secondary)

Description

A vulnerability was identified in Open5GS up to 2.7.5. This vulnerability affects the function sgwc_bearer_add of the file src/sgwc/context.c. The manipulation leads to reachable assertion. The attack is possible to be carried out remotely. The exploit is publicly available and might be used. The issue report is flagged as already-fixed.

Affected (1)

Products: Open5gs: Open5gs

1 product

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Open5gs Open5gs	Up to 2.7.5

Related CWEs

Reachable Assertion

The product contains an assert() or similar statement that can be triggered by an attacker, which leads to an application exit or other behavior that is more severe than necessary.

References (6)

https://github.com/open5gs/open5gs/

Source: cna@vuldb.com

https://github.com/open5gs/open5gs/issues/4233

Source: cna@vuldb.com

ExploitIssue TrackingVendor Advisory

https://github.com/open5gs/open5gs/issues/4233#issue-3776216182

Source: cna@vuldb.com

ExploitIssue TrackingVendor Advisory

https://vuldb.com/?ctiid.341598

Source: cna@vuldb.com

Permissions RequiredVDB Entry

https://vuldb.com/?id.341598

Source: cna@vuldb.com

Third Party AdvisoryVDB Entry

https://vuldb.com/?submit.729339

Source: cna@vuldb.com

Third Party AdvisoryVDB Entry

Timeline

No history available yet.