Cyber Resilience

CVE-2025-8804

Medium · Public PoC

Published: 10 August 2025

Modified: 15 August 2025
KEV Added
Patch
CVSS Score v4: 5.5 (CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X)
EPSS Score: 0.0154 (81.8th percentile)
Risk Priority: 12 (60% EPSS · 20% KEV · 20% CVSS)

Summary

CVE-2025-8804 is a medium-severity Reachable Assertion (CWE-617) vulnerability in Open5GS. Its CVSS base score is 5.5 (Medium).

Operationally, it ranks in the top 18.2% of CVEs by exploit likelihood, it is not currently listed in the CISA KEV catalog, and a public proof-of-concept is referenced.

Deeper analysis

A reachable assertion vulnerability exists in Open5GS versions up to 2.7.5 in the ngap_build_downlink_nas_transport function of the AMF component. The issue, tracked as CWE-617, arises from improper handling that allows an assertion to be reached during processing of downlink NAS transport messages.

Remote unauthenticated attackers can trigger the flaw over the network to cause a denial of service by crashing the affected AMF process. Publicly available exploit details indicate the attack requires no user interaction or special privileges.

The Open5GS project has released version 2.7.6 containing the fix identified by commit bca0a7b6e01d254f4223b83831162566d4626428, and the associated release notes and issue tracker recommend immediate upgrade of affected deployments. The EPSS score remains low and unchanged at 0.0154 with no observed increase after disclosure.

EU & UK References

Vulnerability details

A vulnerability was found in Open5GS up to 2.7.5. Affected by this vulnerability is the function ngap_build_downlink_nas_transport of the component AMF. The manipulation leads to reachable assertion. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 2.7.6 is able to address this issue. The identifier of the patch is bca0a7b6e01d254f4223b83831162566d4626428. It is recommended to upgrade the affected component.

CWE(s)

Related Threats

No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.

Affected Assets

open5gs | open5gs | ≤ 2.7.6

Mitigating Controls

No mitigating controls mapped yet. The per-CVE control annotator has not reached this CVE.

References