Cyber Resilience

CVE-2026-44475

Medium

Published: 27 May 2026

Published
27 May 2026
Modified
27 May 2026
KEV Added
Patch
CVSS Score v3.1 6.1 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:L
EPSS Score 0.0015 4.4th percentile
Risk Priority 35 floored blend · peak EPSS

Summary

CVE-2026-44475 is a medium-severity Improperly Implemented Security Check for Standard (CWE-358) vulnerability. Its CVSS base score is 6.1 (Medium).

Operationally, exploitation aligns with the MITRE ATT&CK technique Downgrade Attack (T1689); ranked at the 4.4th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.

EU & UK References

Vulnerability details

Ella Core is a 5G core designed for private networks. Prior to 1.10.0, Ella Core does not verify the UE Security Capabilities received in NGAP PathSwitchRequest messages against its locally stored values. A malicious gNB can overwrite Ella Core's stored…

more

UE security capabilities for any UE with arbitrary values by sending a single crafted PathSwitchRequest. This vulnerability is fixed in 1.10.0.

CWE(s)

Related Threats

MITRE ATT&CK Enterprise TechniquesAI

T1689 Downgrade Attack Defense Impairment
Adversaries may downgrade or use a version of system features that may be outdated, vulnerable, and/or does not support updated security controls.
T1600 Weaken Encryption Defense Impairment
Adversaries may compromise a network device’s encryption capability in order to bypass encryption that would otherwise protect data communications.
Why these techniques?

Vulnerability directly allows a malicious gNB to overwrite UE security capabilities (encryption/integrity algorithms) with arbitrary values via unauthenticated NGAP messages, enabling downgrade attacks and weakening of encryption without verification.

Confidence: MEDIUM · MITRE ATT&CK Enterprise v19.0

Affected Assets

Mitigating Controls

Likely Mitigating Controls AI

Per-CVE control mapping for this CVE has not run yet; the list below is derived from the weakness types (CWEs) cited in the NVD entry.

addresses: CWE-358

Assessments identify and document improperly implemented security checks, allowing fixes that reduce exploitation of flawed checks.

References