CVE-2024-24429
Published: 22 January 2025
Summary
CVE-2024-24429 is a high-severity Reachable Assertion (CWE-617) vulnerability in Open5Gs Open5Gs. Its CVSS base score is 8.6 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190); ranked at the 39.2th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.
The strongest mitigations our analysis identified are NIST 800-53 SC-5 (Denial-of-service Protection) and SI-11 (Error Handling).
Deeper analysis
CVE-2024-24429 is a reachable assertion vulnerability in the nas_eps_send_emm_to_esm function within Open5GS versions up to and including 2.6.4. This flaw allows attackers to trigger a Denial of Service (DoS) condition through a specially crafted NGAP packet. The vulnerability is rated with a CVSS v3.1 base score of 8.6 (AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H) and is associated with CWE-617 (Reachable Assertion). It was published on 2025-01-22.
Unauthenticated attackers with network access can exploit this vulnerability due to its low attack complexity and lack of required privileges or user interaction. By sending a malicious NGAP packet to a vulnerable Open5GS instance, an attacker can cause the assertion to fail, leading to a crash and high-impact availability disruption. The changed scope (S:C) indicates potential effects beyond the vulnerable component.
Mitigation details and further advisories are available at https://cellularsecurity.org/ransacked.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2024-21848
Vulnerability details
A reachable assertion in the nas_eps_send_emm_to_esm function of Open5GS <= 2.6.4 allows attackers to cause a Denial of Service (DoS) via a crafted NGAP packet.
- CWE(s)
Related Threats
MITRE ATT&CK Enterprise TechniquesAI
Why these techniques?
Crafted NGAP packet exploits public-facing Open5GS service (T1190) to trigger assertion failure and crash, directly enabling application exploitation for endpoint DoS (T1499.004).
CVEs Like This One
Affected Assets
Mitigating Controls
Mitigating Controls (NIST 800-53 r5) AI
Directly mitigates the CVE by identifying, testing, and installing patches for the reachable assertion vulnerability in Open5GS.
Protects against DoS attacks from crafted NGAP packets by implementing denial-of-service defenses such as rate limiting and traffic filtering.
Ensures error handling in nas_eps_send_emm_to_esm does not result in crashes from assertion failures on malformed inputs.