Vulnerability Description
A vulnerability was identified in Open5GS up to 2.7.7. Affected by this vulnerability is the function ogs_timer_add in the library /src/ausf/nausf-handler.c of the component AUSF. The manipulation leads to denial of service. The attack can be initiated remotely. The exploit is publicly available and might be used. The project was informed of the problem early through an issue report but has not responded yet.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Open5Gs | Open5Gs | <= 2.7.7 |
Related Weaknesses (CWE)
References
- https://github.com/open5gs/open5gs/Product
- https://github.com/open5gs/open5gs/issues/4472ExploitIssue Tracking
- https://vuldb.com/submit/817031Third Party AdvisoryVDB Entry
- https://vuldb.com/vuln/364332Third Party AdvisoryVDB Entry
- https://vuldb.com/vuln/364332/ctiPermissions RequiredVDB Entry
FAQ
What is CVE-2026-8745?
CVE-2026-8745 is a vulnerability with a CVSS score of 4.3 (MEDIUM). A vulnerability was identified in Open5GS up to 2.7.7. Affected by this vulnerability is the function ogs_timer_add in the library /src/ausf/nausf-handler.c of the component AUSF. The manipulation lea...
How severe is CVE-2026-8745?
CVE-2026-8745 has been rated MEDIUM with a CVSS base score of 4.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2026-8745?
Check the references section above for vendor advisories and patch information. Affected products include: Open5Gs Open5Gs.