Denial of Service Vulnerability in Athonet vEPC MME by Athonet
CVE-2024-24458
5.9MEDIUM
What is CVE-2024-24458?
Athonet's vEPC MME v11.4.0 is susceptible to a vulnerability that allows attackers to exploit invalid memory access during the handling of ENB Configuration Transfer messages. By orchestrating multiple connection attempts with specially crafted payloads targeting invalid PLMN Identities, an attacker could prompt a Denial of Service, disrupting cellular network services and affecting user access. This risk underscores the importance of prompt security measures and updates in the affected systems.
Affected Version(s)
HPE Athonet Core HPE Athonet Core 11.0 <= 11.6