216.73.217.47

CVE-2026-2062

· Published 06/02/2026 19:16 · Modified 06/02/2026 21:57

Labels: CVE-2026-2062 2026-02-06CVE-2026-2062CWE-404[email protected]

Essential information

Published
06/02/2026 19:16
Modified
06/02/2026 21:57
Author
Creator
CVSS
5.5 MEDIUM (v3) 5.5 MEDIUM (v4.0)
CISA KEV
No
CWE
CVSS vector

CVSS metrics

Description

A vulnerability was identified in Open5GS up to 2.7.6. This affects the function sgwc_s5c_handle_modify_bearer_response/sgwc_sxa_handle_session_modification_response of the component PGW S5U Address Handler. The manipulation leads to null pointer dereference. The attack can be initiated remotely. The exploit is publicly available and might be used. The identifier of the patch is f1bbd7b57f831e2a070780a7d8d5d4c73babdb59. Applying a patch is the recommended action to fix this issue.

NVD status

Status
Awaiting Analysis — CVE has been recently published to the CVE List and has been received by the NVD.
Source
[email protected]
NVD
View on NVD

Affected products (CPE)

ProductCPE
open5gs / open5gs cpe:2.3:a:open5gs:open5gs:<2.7.6:*:*:*:*:*:*:*

References