CVE-2025-41067
Published: 27 October 2025
Summary
CVE-2025-41067 is a high-severity Reachable Assertion (CWE-617) vulnerability in Open5Gs Open5Gs. Its CVSS base score is 8.7 (High).
Operationally, ranked at the 13.0th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2025-36180
- 🇪🇸 INCIBE: www.incibe.es
Vulnerability details
Reachable Assertion vulnerability in Open5GS up to version 2.7.6 allows attackers with connectivity to the NRF to cause a denial of service. An SBI request that deletes the NRF's own registry causes a check that ends up crashing the NRF…
more
process and renders the discovery service unavailable.
- CWE(s)
Related Threats
No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.
Affected Assets
Mitigating Controls
No mitigating controls mapped yet. The per-CVE control annotator has not reached this CVE.