Use After Free Vulnerability in Open5GS Software by Open5GS
CVE-2026-15194
Key Information:
Badges
What is CVE-2026-15194?
A security flaw has been identified in Open5GS version 2.7.7 affecting the AMF component's function amf_context_final located in src/amf/context.c. This vulnerability arises from improper handling of memory, leading to a use after free condition. An attacker with local access can exploit this flaw, potentially leading to unauthorized operations within the system. Publicly disclosed exploits may pose a risk for users, emphasizing the importance of timely updates and security patches.
Affected Version(s)
Open5GS 2.7.7
Exploit Proof of Concept (PoC)
PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.
References
CVSS V4
Timeline
- ๐ก
Public PoC available
- ๐พ
Exploit known to exist
Vulnerability published
Vulnerability Reserved
