CVE-2025-26265: openairinterface5g: segfault enables DoS via crafted UE message

MEDIUM PoC AVAILABLE
Published March 27, 2025
CISO Take

A memory corruption flaw (CWE-119) in openairinterface5g v2.1.0 allows a network-adjacent attacker to crash the 5G RAN process by sending a maliciously crafted UE Context Modification response, resulting in a denial of service. Despite the CVSS User Interaction requirement — which in this protocol context reflects a handshake condition that occurs routinely in live networks rather than a human click — a public proof-of-concept from MobiCom 2025 ARCANE research lowers exploitation difficulty for any attacker with access to the control-plane interface. The package carries an OpenSSF Scorecard of 6.3/10 and five other CVEs, signaling systemic security debt. Organizations running AI workloads over private 5G or O-RAN infrastructure should patch immediately and restrict access to F1-C/NG-C control-plane interfaces to trusted segments.

Sources: NVD, OpenSSF, ATLAS

What is the risk?

Medium risk in isolation, elevated for AI-enabled 5G deployments. The attack path is network-accessible with low complexity and no privileges required. The 'user interaction required' CVSS constraint reflects a protocol flow dependency — not a human action — making exploitation feasible for any attacker who can inject or relay a malformed UE Context Modification response. With a public PoC available via academic publication, weaponization is accessible to moderately skilled adversaries. Not in CISA KEV and EPSS is unavailable, but the published exploit and the 13,670 reported downstream dependents warrant elevated attention for research and edge AI deployments.

What systems are affected?

Package             Ecosystem   Vulnerable Range   Patched
openairinterface5g  pip         (not stated)       No patch

Package stats: 30.8K · OpenSSF Scorecard 6.3 · 13.8K dependents · pushed 6 days ago · 0% patched


Severity & Risk

CVSS 3.1: 6.5 / 10
EPSS: 0.9% chance of exploitation in 30 days (higher than 76% of all CVEs)
Exploitation Status: Exploit Available (Exploitation: MEDIUM)
Sophistication: Moderate
Exploitation Confidence: medium (public PoC indexed in trickest/cve)
Composite signal derived from CISA KEV, CISA SSVC, EPSS, trickest/cve, and Nuclei templates.

Attack Surface

AV: Network
AC: Low
PR: None
UI: Required
S: Unchanged
C: None
I: None
A: High

What should I do?

6 steps
  1. Patch to the latest openairinterface5g release that resolves this segfault.

  2. If immediate patching is not feasible, deploy protocol-level input validation at F1-AP/NGAP to drop malformed UE Context Modification responses before they reach the vulnerable process.

  3. Restrict network access to RAN control-plane interfaces (F1-C, NG-C) to trusted IP ranges only.

  4. Implement a process watchdog with automatic restart for the gNB/CU-CP component to minimize downtime from successful DoS attempts.

  5. Monitor for segmentation fault events and core dumps in openairinterface5g process logs as indicators of active exploitation.

  6. Review and address the additional 5 CVEs and OpenSSF Scorecard deficiencies (6.3/10) to reduce the overall attack surface.
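An added example for steps 4 and 5, not code from the advisory or from openairinterface5g: detection logic run over constructed syslog-style lines. It extracts segfault and core-dump events for the RAN process and flags a burst of crashes across freshly restarted PIDs, which separates a sustained DoS from a one-off fault; the process name nr-softmodem, the host name and all addresses are assumptions, not values from the page.

```python
import re
from datetime import datetime, timedelta

# Assumed gNB binary name (not from the advisory); set to your deployment's process name.
PROCESS_NAME = "nr-softmodem"

# Constructed syslog-style sample lines (not real captures): three crashes of restarted
# processes within ~80 s, each at the same faulting ip, plus one unrelated line.
SAMPLE_LOG = """\
Mar 27 10:14:02 gnb01 kernel: nr-softmodem[4121]: segfault at 0 ip 00005620a1c3e7d0 sp 00007f3c2a7fd9b0 error 4 in nr-softmodem[5620a1800000+9c0000]
Mar 27 10:14:02 gnb01 systemd-coredump[4190]: Process 4121 (nr-softmodem) of user oai dumped core.
Mar 27 10:14:41 gnb01 kernel: nr-softmodem[4233]: segfault at 0 ip 00005620a1c3e7d0 sp 00007f3c2a7fd9b0 error 4 in nr-softmodem[5620a1800000+9c0000]
Mar 27 10:15:20 gnb01 kernel: nr-softmodem[4350]: segfault at 0 ip 00005620a1c3e7d0 sp 00007f3c2a7fd9b0 error 4 in nr-softmodem[5620a1800000+9c0000]
Mar 27 10:15:21 gnb01 sshd[4400]: Accepted publickey for oai from 10.0.0.5 port 50122
"""

TS = r"(?P<ts>\w{3} +\d+ \d\d:\d\d:\d\d) \S+ "
SEGFAULT_RE = re.compile(TS + r"kernel: (?P<proc>[\w.-]+)\[(?P<pid>\d+)\]: segfault at \S+ ip (?P<ip>[0-9a-f]+)")
COREDUMP_RE = re.compile(TS + r"systemd-coredump\[\d+\]: Process (?P<pid>\d+) \((?P<proc>[\w.-]+)\) .*dumped core")

def parse_crash_events(log_text, process=PROCESS_NAME, year=2025):
    """Return (timestamp, pid, kind, faulting_ip) for segfault/core-dump lines of `process`."""
    events = []
    for line in log_text.splitlines():
        for kind, rx in (("segfault", SEGFAULT_RE), ("coredump", COREDUMP_RE)):
            m = rx.match(line)
            if m and m.group("proc") == process:
                # syslog timestamps carry no year; the caller supplies it
                ts = datetime.strptime(f"{year} {m.group('ts')}", "%Y %b %d %H:%M:%S")
                events.append((ts, int(m.group("pid")), kind, m.groupdict().get("ip")))
    return events

def crash_burst(events, window=timedelta(minutes=5), threshold=3):
    """True when >= `threshold` segfaults of distinct PIDs fall inside one `window`:
    a freshly restarted process dying again and again points at an external trigger."""
    times = sorted({(ts, pid) for ts, pid, kind, _ in events if kind == "segfault"})
    for i, (start, _) in enumerate(times):
        if sum(1 for ts, _ in times[i:] if ts - start <= window) >= threshold:
            return True
    return False

def repeated_fault_ip(events):
    """The faulting ip if every segfault hit the same instruction (deterministic trigger), else None."""
    ips = {ip for _, _, kind, ip in events if kind == "segfault"}
    return ips.pop() if len(ips) == 1 else None

if __name__ == "__main__":
    evs = parse_crash_events(SAMPLE_LOG)
    print(len(evs), crash_burst(evs), repeated_fault_ip(evs))
```

Pair the burst check with the watchdog restart counter from step 4: a restart loop that keeps tripping within minutes is the signal worth paging on, a single core dump is not.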

CISA SSVC Assessment

Decision: Track
Exploitation: none
Automatable: No
Technical Impact: partial

Source: CISA Vulnrichment (SSVC v2.0). Decision based on the CISA Coordinator decision tree.

Classification

Compliance Impact

This CVE is relevant to:

EU AI Act: Art. 15 - Accuracy, robustness and cybersecurity
ISO 42001: A.9.3 - Information security incident management for AI systems
NIST AI RMF: MANAGE-2.4 - AI System Availability and Resilience

Frequently Asked Questions

Is CVE-2025-26265 actively exploited?

Proof-of-concept exploit code is publicly available for CVE-2025-26265, increasing the risk of exploitation.

What systems are affected by CVE-2025-26265?

This vulnerability affects the following AI/ML architecture patterns: 5G/O-RAN infrastructure hosting AI workloads, Edge AI inference deployments over private 5G, Federated learning nodes on 5G networks, AI-enabled autonomous and robotics systems using 5G connectivity.

What is the CVSS score for CVE-2025-26265?

CVE-2025-26265 has a CVSS v3.1 base score of 6.5 (MEDIUM). The EPSS exploitation probability is 0.93%.

Technical Details

NVD Description

A segmentation fault in openairinterface5g v2.1.0 allows attackers to cause a Denial of Service (DoS) via a crafted UE Context Modification response.

Exploitation Scenario

An adversary with access to the 5G RAN control plane — via a rogue UE device, a compromised small cell, or a man-in-the-middle position on the F1 interface — sends a specially crafted UE Context Modification response to the openairinterface5g gNB process. The malformed message triggers a boundary violation (CWE-119) causing a segmentation fault that crashes the process. In an AI/ML context, this could be timed to disrupt an edge inference cluster serving a critical application — autonomous vehicle coordination, factory robotics, or real-time anomaly detection — knocking all connected inference endpoints offline simultaneously. The publicly available ARCANE PoC from MobiCom 2025 provides a ready-made exploit template, requiring no deep protocol expertise to adapt.

Weaknesses (CWE)

CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

Timeline

Published: March 27, 2025
Last Modified: April 11, 2025
First Seen: March 27, 2025
