CVE-2025-8804
Published: 10 August 2025
Summary
CVE-2025-8804 is a medium-severity Reachable Assertion (CWE-617) vulnerability in Open5Gs Open5Gs. Its CVSS base score is 5.5 (Medium).
Operationally, ranked in the top 18.2% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.
Deeper analysis
A reachable assertion vulnerability exists in Open5GS versions up to 2.7.5 in the ngap_build_downlink_nas_transport function of the AMF component. The issue, tracked as CWE-617, arises from improper handling that allows an assertion to be reached during processing of downlink NAS transport messages.
Remote unauthenticated attackers can trigger the flaw over the network to cause a denial of service by crashing the affected AMF process. Publicly available exploit details indicate the attack requires no user interaction or special privileges.
The Open5GS project has released version 2.7.6 containing the fix identified by commit bca0a7b6e01d254f4223b83831162566d4626428, and the associated release notes and issue tracker recommend immediate upgrade of affected deployments. The EPSS score remains low and unchanged at 0.0154 with no observed increase after disclosure.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2025-24084
Vulnerability details
A vulnerability was found in Open5GS up to 2.7.5. Affected by this vulnerability is the function ngap_build_downlink_nas_transport of the component AMF. The manipulation leads to reachable assertion. The attack can be launched remotely. The exploit has been disclosed to the…
more
public and may be used. Upgrading to version 2.7.6 is able to address this issue. The identifier of the patch is bca0a7b6e01d254f4223b83831162566d4626428. It is recommended to upgrade the affected component.
- CWE(s)
Related Threats
No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.
Affected Assets
Mitigating Controls
No mitigating controls mapped yet. The per-CVE control annotator has not reached this CVE.