Vulnerability Description
A denial-of-service vulnerability exists in the omec-project UPF (component upf-epc/pfcpiface) up to at least version upf-epc-pfcpiface:2.1.3-dev. When the UPF receives a PFCP Association Setup Request that is missing the mandatory NodeID Information Element, the association setup handler dereferences a nil pointer instead of validating the message, causing a panic and terminating the UPF process. An attacker who can send PFCP Association Setup Request messages to the UPF's N4/PFCP endpoint can exploit this issue to repeatedly crash the UPF and disrupt user-plane services.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Opennetworking | Upf | <= 2.1.2 |
Related Weaknesses (CWE)
References
- https://github.com/omec-project/upf/issues/955ExploitIssue TrackingThird Party Advisory
- https://github.com/omec-project/upf/pull/963Issue Tracking
- https://github.com/omec-project/upf/issues/955ExploitIssue TrackingThird Party Advisory
FAQ
What is CVE-2025-65563?
CVE-2025-65563 is a vulnerability with a CVSS score of 7.5 (HIGH). A denial-of-service vulnerability exists in the omec-project UPF (component upf-epc/pfcpiface) up to at least version upf-epc-pfcpiface:2.1.3-dev. When the UPF receives a PFCP Association Setup Reques...
How severe is CVE-2025-65563?
CVE-2025-65563 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2025-65563?
Check the references section above for vendor advisories and patch information. Affected products include: Opennetworking Upf.