Buffer Overflow Vulnerability in Free5gc by Free5GC
CVE-2025-56394

7.5HIGH

Key Information:

Vendor: Free5GC
Status: Free5gc
Vendor: CVE Published:; 23 September 2025

What is CVE-2025-56394?

Free5gc version 4.0.1 contains a vulnerability where the AMF component fails to properly validate the 5GS mobile identity. This flaw can lead to slice reference overflow, potentially allowing an attacker to execute arbitrary code or cause service disruptions. Users of Free5gc should review their systems for this flaw and implement necessary mitigations to secure their deployments.

References

https://github.com/free5gc/free5gc/issues/690

https://gist.github.com/DDGod2025/532691e3e2db9b47c67c3d1...

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Sep 23, 2025
Vulnerability Reserved
Aug 16, 2025

CVE-2025-56394 Data

JSON