CVE-2025-6952
low-risk
Published 2025-07-01
A vulnerability, which was classified as problematic, has been found in Open5GS up to 2.7.5. This issue affects the function amf_state_operational of the file src/amf/amf-sm.c of the component AMF Service. The manipulation leads to reachable assertion. It is possible to launch the attack on the local host. The identifier of the patch is 53e9e059ed96b940f7ddcd9a2b68cb512524d5db. It is recommended to apply a patch to fix this issue.
Do I need to act?
-
0.02% chance of exploitation
EPSS score — low exploit probability
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
3
CVSS 3.3/10
Low
LOCAL
/ LOW complexity
Affected Products (1)
Affected Vendors
References (6)
Permissions Required
https://vuldb.com/?ctiid.314489
Third Party Advisory
https://vuldb.com/?id.314489
Third Party Advisory
https://vuldb.com/?submit.605312
18
/ 100
low-risk
Severity
13/34 · Low
Exploitability
0/34 · Minimal
Exposure
5/34 · Minimal