ByteOS Network

NVD Vulnerability Details :

CVE-2025-14955

Modified

Source-cna@vuldb.com

Published At-19 Dec, 2025 | 17:15

Updated At-24 Feb, 2026 | 06:16

A vulnerability was found in Open5GS up to 2.7.5. Affected by this vulnerability is the function ogs_pfcp_handle_create_pdr in the library lib/pfcp/handler.c of the component PFCP. The manipulation results in improper initialization. It is possible to launch the attack remotely. This attack is characterized by high complexity. The exploitation appears to be difficult. The exploit has been made public and could be used. The patch is identified as 773117aa5472af26fc9f80e608d3386504c3bdb7. It is best practice to apply a patch to resolve this issue.

Date Added	Due Date	Vulnerability Name	Required Action
	N/A

Metrics

Type	Version	Base score	Base severity	Vector
Secondary	4.0	6.3	MEDIUM	CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Secondary	3.1	3.7	LOW	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L
Secondary	2.0	2.6	LOW	AV:N/AC:H/Au:N/C:N/I:N/A:P

Type: Secondary

Version: 4.0

Base score: 6.3

Base severity: MEDIUM

Vector:

CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Type: Secondary

Version: 3.1

Base score: 3.7

Base severity: LOW

Vector:

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L

Type: Secondary

Version: 2.0

Base score: 2.6

Base severity: LOW

Vector:

AV:N/AC:H/Au:N/C:N/I:N/A:P

CPE Matches

open5gs>>open5gs>>Versions up to 2.7.5(inclusive)

cpe:2.3:a:open5gs:open5gs:*:*:*:*:*:*:*:*

Weaknesses

CWE ID	Type	Source
CWE-665	Secondary	cna@vuldb.com

CWE ID: CWE-665

Type: Secondary

Source: cna@vuldb.com

References

Hyperlink	Source	Resource
https://github.com/open5gs/open5gs/	cna@vuldb.com	N/A
https://github.com/open5gs/open5gs/commit/773117aa5472af26fc9f80e608d3386504c3bdb7	cna@vuldb.com	Patch
https://github.com/open5gs/open5gs/issues/4182	cna@vuldb.com	Exploit Issue Tracking Vendor Advisory
https://github.com/open5gs/open5gs/issues/4182#issue-3670797098	cna@vuldb.com	Exploit Issue Tracking Vendor Advisory
https://github.com/open5gs/open5gs/issues/4182#issuecomment-3616081878	cna@vuldb.com	Issue Tracking
https://vuldb.com/?ctiid.337591	cna@vuldb.com	Permissions Required VDB Entry
https://vuldb.com/?id.337591	cna@vuldb.com	Third Party Advisory VDB Entry
https://vuldb.com/?submit.716841	cna@vuldb.com	Third Party Advisory VDB Entry
https://github.com/open5gs/open5gs/issues/4182	134c704f-9b21-4f2e-91b3-4a467353bcc0	Exploit Issue Tracking Vendor Advisory
https://github.com/open5gs/open5gs/issues/4182#issue-3670797098	134c704f-9b21-4f2e-91b3-4a467353bcc0	Exploit Issue Tracking Vendor Advisory
https://github.com/open5gs/open5gs/issues/4182#issuecomment-3616081878	134c704f-9b21-4f2e-91b3-4a467353bcc0	Issue Tracking