Vulnerability Description
A vulnerability was found in Open5GS up to 2.7.6. This impacts the function ran_ue_find_by_amf_ue_ngap_id of the file src/amf/context.c of the component AMF/MME. Performing a manipulation results in improper authorization. It is possible to initiate the attack remotely. The exploit has been made public and could be used. The patch is named 5746b8576cfceec18ed87eb7d8cf11b1fb4cd8b1. It is suggested to install a patch to address this issue.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Open5Gs | Open5Gs | <= 2.7.6 |
Related Weaknesses (CWE)
References
- https://github.com/open5gs/open5gs/Product
- https://github.com/open5gs/open5gs/commit/5746b8576cfceec18ed87eb7d8cf11b1fb4cd8Patch
- https://github.com/open5gs/open5gs/issues/4498ExploitIssue Tracking
- https://github.com/open5gs/open5gs/pull/4553Issue TrackingPatch
- https://vuldb.com/submit/814559Third Party AdvisoryVDB Entry
- https://vuldb.com/vuln/364330Third Party AdvisoryVDB Entry
- https://vuldb.com/vuln/364330/ctiPermissions RequiredVDB Entry
FAQ
What is CVE-2026-8743?
CVE-2026-8743 is a vulnerability with a CVSS score of 6.3 (MEDIUM). A vulnerability was found in Open5GS up to 2.7.6. This impacts the function ran_ue_find_by_amf_ue_ngap_id of the file src/amf/context.c of the component AMF/MME. Performing a manipulation results in i...
How severe is CVE-2026-8743?
CVE-2026-8743 has been rated MEDIUM with a CVSS base score of 6.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2026-8743?
Check the references section above for vendor advisories and patch information. Affected products include: Open5Gs Open5Gs.