Cyber Resilience

CVE-2024-24430

HighPublic PoC

Published: 22 January 2025

Published
22 January 2025
Modified
22 April 2025
KEV Added
Patch
CVSS Score v3.1 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS Score 0.0031 54.1th percentile
Risk Priority 15 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2024-24430 is a high-severity Reachable Assertion (CWE-617) vulnerability in Open5Gs Open5Gs. Its CVSS base score is 7.5 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Application or System Exploitation (T1499.004); ranked in the top 45.9% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.

The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-11 (Error Handling).

Deeper analysis

CVE-2024-24430 is a reachable assertion vulnerability in the mme_ue_find_by_imsi function of Open5GS versions up to and including 2.6.4. This flaw affects the open-source 5G core network implementation, enabling attackers to trigger a Denial of Service (DoS) condition through a specially crafted NAS (Non-Access Stratum) packet. The issue is classified under CWE-617 and was published on 2025-01-22 with a CVSS v3.1 base score of 7.5 (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H), highlighting its potential for high-impact disruption without compromising confidentiality or integrity.

Remote attackers with network access to the vulnerable Open5GS deployment can exploit this vulnerability by sending a malicious NAS packet, which triggers the assertion failure in the MME (Mobility Management Entity) user equipment lookup function by IMSI. No authentication or privileges are required, and the attack requires low complexity with no user interaction. Successful exploitation results in a DoS, such as application crashes or service unavailability, potentially disrupting core network functions for affected users or the entire system.

Mitigation details and patches are referenced in advisories available at https://cellularsecurity.org/ransacked. Security practitioners should consult these resources for upgrade instructions to remediate the vulnerability in Open5GS deployments.

EU & UK References

Vulnerability details

A reachable assertion in the mme_ue_find_by_imsi function of Open5GS <= 2.6.4 allows attackers to cause a Denial of Service (DoS) via a crafted NAS packet.

CWE(s)

Related Threats

MITRE ATT&CK Enterprise TechniquesAI

T1499.004 Application or System Exploitation Impact
Adversaries may exploit software vulnerabilities that can cause an application or system to crash and deny availability to users.
Why these techniques?

Remote crafted packet triggers assertion failure and service crash in network-exposed 5G core component, directly enabling application exploitation for DoS.

Confidence: HIGH · MITRE ATT&CK Enterprise v18.1

CVEs Like This One

CVE-2026-2523Same product: Open5Gs Open5Gs
CVE-2024-34235Same product: Open5Gs Open5Gs
CVE-2023-37021Same product: Open5Gs Open5Gs
CVE-2024-24427Same product: Open5Gs Open5Gs
CVE-2024-24428Same product: Open5Gs Open5Gs
CVE-2023-37015Same product: Open5Gs Open5Gs
CVE-2023-37016Same product: Open5Gs Open5Gs
CVE-2023-37017Same product: Open5Gs Open5Gs
CVE-2025-15530Same product: Open5Gs Open5Gs
CVE-2023-37018Same product: Open5Gs Open5Gs

Affected Assets

open5gs
open5gs
≤ 2.6.4

Mitigating Controls

Mitigating Controls (NIST 800-53 r5) AI

prevent

Flaw remediation directly addresses the reachable assertion vulnerability by applying patches to Open5GS versions up to 2.6.4.

prevent

Proper error handling prevents assertion failures in mme_ue_find_by_imsi from causing DoS crashes on crafted NAS packets.

prevent

Input validation of NAS packets and IMSI values blocks malformed inputs from reaching and triggering the vulnerable lookup function.

References