Service Degradation Vulnerability in Ericsson Packet Core Controller
CVE-2025-59174
7.1HIGH
What is CVE-2025-59174?
The vulnerability in Ericsson's Packet Core Controller allows an attacker to send an overwhelming volume of specially crafted messages. This attack can lead to significant service degradation, impacting the performance and availability of the network. Organizations using versions prior to 1.39 should be aware of this risk and consider immediate action to secure their systems against potential exploit.
Affected Version(s)
Packet Core Controller 0 < 1.39
References
CVSS V4
Score:
7.1
Severity:
HIGH
Confidentiality:
None
Integrity:
None
Availability:
High
Attack Vector:
Adjacent Network
Attack Complexity:
Low
Attack Required:
None
Privileges Required:
Undefined
User Interaction:
None
Timeline
Vulnerability published
Vulnerability Reserved
Credit
The UK Telecoms Lab (UKTL)
The UK’s National Cyber Security Centre (NCSC)
