CVE-2025-70123

{"id": "CVE-2025-70123", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 3.9}]}, "published": "2026-02-13T17:16:12.210", "references": [{"url": "https://github.com/free5gc/free5gc/issues/745", "tags": ["Exploit", "Issue Tracking", "Vendor Advisory"], "source": "cve@mitre.org"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "description": [{"lang": "en", "value": "CWE-20"}]}], "descriptions": [{"lang": "en", "value": "An improper input validation and protocol compliance vulnerability in free5GC v4.0.1 allows remote attackers to cause a denial of service. The UPF incorrectly accepts a malformed PFCP Association Setup Request, violating 3GPP TS 29.244. This places the UPF in an inconsistent state where a subsequent valid PFCP Session Establishment Request triggers a cascading failure, disrupting the SMF connection and causing service degradation."}, {"lang": "es", "value": "Una vulnerabilidad de validaci\u00f3n de entrada incorrecta y de cumplimiento de protocolo en free5GC v4.0.1 permite a atacantes remotos causar una denegaci\u00f3n de servicio. El UPF acepta incorrectamente una solicitud de configuraci\u00f3n de asociaci\u00f3n PFCP malformada, violando 3GPP TS 29.244. Esto coloca al UPF en un estado inconsistente donde una solicitud posterior v\u00e1lida de establecimiento de sesi\u00f3n PFCP desencadena un fallo en cascada, interrumpiendo la conexi\u00f3n SMF y causando degradaci\u00f3n del servicio."}], "lastModified": "2026-02-18T15:40:29.760", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:free5gc:free5gc:4.0.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "685CADC6-6235-4ACC-AB3A-0A0E3E12FA0D"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}