{"dataType": "CVE_RECORD", "cveMetadata": {"state": "PUBLISHED", "cveId": "CVE-2025-56568", "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "dateUpdated": "2026-04-30T19:37:56.159Z", "dateReserved": "2025-08-17T00:00:00.000Z", "datePublished": "2026-04-30T00:00:00.000Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre", "dateUpdated": "2026-04-30T19:37:56.159Z"}, "descriptions": [{"lang": "en", "value": "Assertion failure vulnerability in the PCO (Protocol Configuration Options) parser in the SMF (Session Management Function) component of Open5GS before v2.7.5 allows remote attackers to cause denial of service via specially crafted NGAP messages containing malformed length fields in protocol configuration data."}], "affected": [{"vendor": "n/a", "product": "n/a", "versions": [{"version": "n/a", "status": "affected"}]}], "references": [{"url": "https://github.com/open5gs/open5gs/issues/3969"}, {"url": "https://github.com/open5gs/open5gs/commit/d7707879c943d2c952235382154d835b5849d54e"}], "problemTypes": [{"descriptions": [{"type": "text", "lang": "en", "description": "n/a"}]}]}}, "dataVersion": "5.2"}

{}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "Assertion failure vulnerability in the PCO (Protocol Configuration Options) parser in the SMF (Session Management Function) component of Open5GS before v2.7.5 allows remote attackers to cause denial of service via specially crafted NGAP messages containing malformed length fields in protocol configuration data."}], "id": "CVE-2025-56568", "lastModified": "2026-05-01T15:37:42.383", "metrics": {}, "published": "2026-04-30T20:16:23.220", "references": [{"source": "cve@mitre.org", "url": "https://github.com/open5gs/open5gs/commit/d7707879c943d2c952235382154d835b5849d54e"}, {"source": "cve@mitre.org", "url": "https://github.com/open5gs/open5gs/issues/3969"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred"}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "[0,2.7.5)"}}], "enrichment": {"confidence": 90.0, "confidence_source": "inferred", "scores": [{"score": 90.0, "source": "inferred"}, {"score": 100.0, "source": "matching"}]}, "original": {"product": "n/a", "source": "cna", "vendor": "n/a"}, "product": "open5gs", "vendor": "open5gs"}], "created": "2026-04-30T22:30:02.675531+00:00", "title": "Remote Denial of Service via Malformed NGAP Protocol Configuration Options in Open5GS SMF", "updated": "2026-05-02T00:30:16.090421+00:00", "vendors": ["open5gs", "open5gs$PRODUCT$open5gs"], "weaknesses": ["CWE-20", "CWE-682"]}