Home > Vulnerability Database > CVE-2025-1893

Mend.io Vulnerability Database

CVE-2025-1893

Date: March 3, 2025

A vulnerability was found in Open5GS up to 2.7.2. It has been declared as problematic. Affected by this vulnerability is the function gmm_state_authentication of the file src/amf/gmm-sm.c of the component UDM Subscriber Data Management. The manipulation leads to denial of service. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The patch is named e31e9965f00d9c744a7f728497cb4f3e97744ee8. It is recommended to apply a patch to fix this issue.

Severity Score

4.3

Related Resources (9)

Url: https://vuldb.com/?id.298411

Url: https://github.com/open5gs/open5gs/issues/3707#issue-2833194192

Url: https://vuldb.com/?ctiid.298411

Url: https://github.com/open5gs/open5gs/issues/3707

Url: https://github.com/open5gs/open5gs/issues/3707#issuecomment-2639620554

Url: https://nvd.nist.gov/vuln/detail/CVE-2025-1893

Url: https://vuldb.com/?submit.505952

Url: https://github.com/open5gs/open5gs/commit/e31e9965f00d9c744a7f728497cb4f3e97744ee8

Url: https://www.mend.io/vulnerability-database/CVE-2025-1893

Severity Score

4.3

Weakness Type (CWE)

Improper Resource Shutdown or Release

CWE-404

CVSS v3.1

Base Score:	4.3
Attack Vector (AV):	NETWORK
Attack Complexity (AC):	LOW
Privileges Required (PR):	LOW
User Interaction (UI):	NONE
Scope (S):	UNCHANGED
Confidentiality (C):	NONE
Integrity (I):	NONE
Availability (A):	LOW

CVSS v2

Base Score:	4.0
Access Vector (AV):	NETWORK
Access Complexity (AC):	LOW
Authentication (AU):	SINGLE
Confidentiality (C):	NONE
Integrity (I):	NONE
Availability (A):	PARTIAL
Additional information:

Mend.io Vulnerability Database

We found results for “”

CVE-2025-1893

Date: March 3, 2025

Severity Score

Related Resources (9)

Severity Score

Weakness Type (CWE)

CVSS v3.1

CVSS v2

Do you need more information?