CVE-2025-25774

MEDIUM Year: 2025
CVSS v3 Score
6.5
Medium
Weakness Type
CWE-691
View all →

Vulnerability Description

An issue was discovered in Open5GS v2.7.2. When a UE switches between two gNBs and sends a handover request at a specific time, it may cause an exception in the AMF's internal state machine, leading to an AMF crash and resulting in a Denial of Service (DoS).

Related Vulnerabilities

CVE-2024-22374

MEDIUM
CVSS:6.5(Medium)

Insufficient control flow management for some Intel(R) Xeon Processors may allow an authenticated user to potentially enable denial of service via local access.

CWE-6912024

CVE-2024-21801

HIGH
CVSS:7.1(High)

Insufficient control flow management in some Intel(R) TDX module software before version 1.5.05.46.698 may allow a privileged user to potentially enable denial of service via local access.

CWE-6912024

CVE-2024-33617

HIGH
CVSS:5.9(Medium)

Insufficient control flow management in some Intel(R) QAT Engine for OpenSSL software before version v1.6.1 may allow information disclosure via network access.

CWE-6912024

CVE-2021-33157

HIGH
CVSS:7.2(High)

Insufficient control flow management in some Intel(R) Ethernet Adapters and Intel(R) Ethernet Controller I225 Manageability firmware may allow a privileged user to potentially enable escalation of pri...

CWE-6912021

CVE-2025-20004

HIGH
CVSS:7.2(High)

Insufficient control flow management in the Alias Checking Trusted Module for some Intel(R) Xeon(R) 6 processor E-Cores firmware may allow a privileged user to potentially enable escalation of privile...

CWE-6912025

CVE-2025-20022

MEDIUM
CVSS:5.7(Medium)

Insufficient control flow management for some Edge Orchestrator software for Intel(R) Tiber™ Edge Platform may allow a privileged user to potentially enable information disclosure via adjacent access.

CWE-6912025