Home > Vulnerability Database > CVE-2025-9405

Mend.io Vulnerability Database

CVE-2025-9405

Good to know:

Date: August 24, 2025

A security flaw has been discovered in Open5GS up to 2.7.5. The impacted element is the function gmm_state_exception of the file src/amf/gmm-sm.c. The manipulation results in reachable assertion. It is possible to launch the attack remotely. The exploit has been released to the public and may be exploited. The patch is identified as 8e5fed16114f2f5e40bee1b161914b592b2b7b8f. Applying a patch is advised to resolve this issue.

Severity Score

9.1

Related Resources (10)

Url: https://github.com/ZHENGHAOHELLO/BugReport/blob/main/CVE-2025-9405

Url: https://github.com/user-attachments/files/21013084/amf_udm-uecm.zip

Url: https://vuldb.com/?id.321241

Url: https://github.com/open5gs/open5gs/commit/8e5fed16114f2f5e40bee1b161914b592b2b7b8f

Url: https://github.com/open5gs/open5gs/issues/3947#issuecomment-3029992728

Url: https://vuldb.com/?submit.633467

Url: https://nvd.nist.gov/vuln/detail/CVE-2025-9405

Url: https://github.com/open5gs/open5gs/issues/3947

Url: https://vuldb.com/?ctiid.321241

Url: https://www.mend.io/vulnerability-database/CVE-2025-9405

Severity Score

9.1

Weakness Type (CWE)

Reachable Assertion

CWE-617

Top Fix

Upgrade Version

Upgrade to version https://github.com/open5gs/open5gs.git - v2.7.6

Learn More

CVSS v3.1

Base Score:	9.1
Attack Vector (AV):	NETWORK
Attack Complexity (AC):	LOW
Privileges Required (PR):	NONE
User Interaction (UI):	NONE
Scope (S):	UNCHANGED
Confidentiality (C):	NONE
Integrity (I):	HIGH
Availability (A):	HIGH

Mend.io Vulnerability Database

We found results for “”

CVE-2025-9405

Good to know:

Date: August 24, 2025

Severity Score

Related Resources (10)

Severity Score

Weakness Type (CWE)

Top Fix

Upgrade Version

CVSS v3.1

Do you need more information?