{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2025-6952", "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "state": "PUBLISHED", "assignerShortName": "VulDB", "dateReserved": "2025-07-01T05:51:09.919Z", "datePublished": "2025-07-01T11:32:07.418Z", "dateUpdated": "2025-07-01T13:07:07.279Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "shortName": "VulDB", "dateUpdated": "2025-07-01T11:32:07.418Z"}, "title": "Open5GS AMF Service amf-sm.c amf_state_operational assertion", "problemTypes": [{"descriptions": [{"type": "CWE", "cweId": "CWE-617", "lang": "en", "description": "Reachable Assertion"}]}], "affected": [{"vendor": "n/a", "product": "Open5GS", "versions": [{"version": "2.7.0", "status": "affected"}, {"version": "2.7.1", "status": "affected"}, {"version": "2.7.2", "status": "affected"}, {"version": "2.7.3", "status": "affected"}, {"version": "2.7.4", "status": "affected"}, {"version": "2.7.5", "status": "affected"}], "modules": ["AMF Service"]}], "descriptions": [{"lang": "en", "value": "A vulnerability, which was classified as problematic, has been found in Open5GS up to 2.7.5. This issue affects the function amf_state_operational of the file src/amf/amf-sm.c of the component AMF Service. The manipulation leads to reachable assertion. It is possible to launch the attack on the local host. The identifier of the patch is 53e9e059ed96b940f7ddcd9a2b68cb512524d5db. It is recommended to apply a patch to fix this issue."}, {"lang": "de", "value": "Eine Schwachstelle wurde in Open5GS bis 2.7.5 entdeckt. Sie wurde als problematisch eingestuft. Hierbei geht es um die Funktion amf_state_operational der Datei src/amf/amf-sm.c der Komponente AMF Service. Durch Beeinflussen mit unbekannten Daten kann eine reachable assertion-Schwachstelle ausgenutzt werden. Umgesetzt werden muss der Angriff lokal. Der Patch wird als 53e9e059ed96b940f7ddcd9a2b68cb512524d5db bezeichnet. Als bestm\u00f6gliche Massnahme wird Patching empfohlen."}], "metrics": [{"cvssV4_0": {"version": "4.0", "baseScore": 4.8, "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X", "baseSeverity": "MEDIUM"}}, {"cvssV3_1": {"version": "3.1", "baseScore": 3.3, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:X/RL:O/RC:C", "baseSeverity": "LOW"}}, {"cvssV3_0": {"version": "3.0", "baseScore": 3.3, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:X/RL:O/RC:C", "baseSeverity": "LOW"}}, {"cvssV2_0": {"version": "2.0", "baseScore": 1.7, "vectorString": "AV:L/AC:L/Au:S/C:N/I:N/A:P/E:ND/RL:OF/RC:C"}}], "timeline": [{"time": "2025-07-01T00:00:00.000Z", "lang": "en", "value": "Advisory disclosed"}, {"time": "2025-07-01T02:00:00.000Z", "lang": "en", "value": "VulDB entry created"}, {"time": "2025-07-01T07:56:13.000Z", "lang": "en", "value": "VulDB entry last update"}], "credits": [{"lang": "en", "value": "SQ0409 (VulDB User)", "type": "reporter"}], "references": [{"url": "https://vuldb.com/?id.314489", "name": "VDB-314489 | Open5GS AMF Service amf-sm.c amf_state_operational assertion", "tags": ["vdb-entry", "technical-description"]}, {"url": "https://vuldb.com/?ctiid.314489", "name": "VDB-314489 | CTI Indicators (IOB, IOC, IOA)", "tags": ["signature", "permissions-required"]}, {"url": "https://vuldb.com/?submit.605312", "name": "Submit #605312 | Open5GS <=2.7.5 Reachable Assertion", "tags": ["third-party-advisory"]}, {"url": "https://github.com/open5gs/open5gs/issues/3938", "tags": ["issue-tracking"]}, {"url": "https://github.com/open5gs/open5gs/issues/3938#issuecomment-3012139813", "tags": ["issue-tracking"]}, {"url": "https://github.com/open5gs/open5gs/commit/53e9e059ed96b940f7ddcd9a2b68cb512524d5db", "tags": ["patch"]}]}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-07-01T13:05:58.387602Z", "id": "CVE-2025-6952", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-07-01T13:07:07.279Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-6952", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2025-07-01T13:05:58.387602Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-07-01T13:06:48.901Z"}}], "cna": {"title": "Open5GS AMF Service amf-sm.c amf_state_operational assertion", "credits": [{"lang": "en", "type": "reporter", "value": "SQ0409 (VulDB User)"}], "metrics": [{"cvssV4_0": {"version": "4.0", "baseScore": 4.8, "baseSeverity": "MEDIUM", "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X"}}, {"cvssV3_1": {"version": "3.1", "baseScore": 3.3, "baseSeverity": "LOW", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:X/RL:O/RC:C"}}, {"cvssV3_0": {"version": "3.0", "baseScore": 3.3, "baseSeverity": "LOW", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:X/RL:O/RC:C"}}, {"cvssV2_0": {"version": "2.0", "baseScore": 1.7, "vectorString": "AV:L/AC:L/Au:S/C:N/I:N/A:P/E:ND/RL:OF/RC:C"}}], "affected": [{"vendor": "n/a", "modules": ["AMF Service"], "product": "Open5GS", "versions": [{"status": "affected", "version": "2.7.0"}, {"status": "affected", "version": "2.7.1"}, {"status": "affected", "version": "2.7.2"}, {"status": "affected", "version": "2.7.3"}, {"status": "affected", "version": "2.7.4"}, {"status": "affected", "version": "2.7.5"}]}], "timeline": [{"lang": "en", "time": "2025-07-01T00:00:00.000Z", "value": "Advisory disclosed"}, {"lang": "en", "time": "2025-07-01T02:00:00.000Z", "value": "VulDB entry created"}, {"lang": "en", "time": "2025-07-01T07:56:13.000Z", "value": "VulDB entry last update"}], "references": [{"url": "https://vuldb.com/?id.314489", "name": "VDB-314489 | Open5GS AMF Service amf-sm.c amf_state_operational assertion", "tags": ["vdb-entry", "technical-description"]}, {"url": "https://vuldb.com/?ctiid.314489", "name": "VDB-314489 | CTI Indicators (IOB, IOC, IOA)", "tags": ["signature", "permissions-required"]}, {"url": "https://vuldb.com/?submit.605312", "name": "Submit #605312 | Open5GS <=2.7.5 Reachable Assertion", "tags": ["third-party-advisory"]}, {"url": "https://github.com/open5gs/open5gs/issues/3938", "tags": ["issue-tracking"]}, {"url": "https://github.com/open5gs/open5gs/issues/3938#issuecomment-3012139813", "tags": ["issue-tracking"]}, {"url": "https://github.com/open5gs/open5gs/commit/53e9e059ed96b940f7ddcd9a2b68cb512524d5db", "tags": ["patch"]}], "descriptions": [{"lang": "en", "value": "A vulnerability, which was classified as problematic, has been found in Open5GS up to 2.7.5. This issue affects the function amf_state_operational of the file src/amf/amf-sm.c of the component AMF Service. The manipulation leads to reachable assertion. It is possible to launch the attack on the local host. The identifier of the patch is 53e9e059ed96b940f7ddcd9a2b68cb512524d5db. It is recommended to apply a patch to fix this issue."}, {"lang": "de", "value": "Eine Schwachstelle wurde in Open5GS bis 2.7.5 entdeckt. Sie wurde als problematisch eingestuft. Hierbei geht es um die Funktion amf_state_operational der Datei src/amf/amf-sm.c der Komponente AMF Service. Durch Beeinflussen mit unbekannten Daten kann eine reachable assertion-Schwachstelle ausgenutzt werden. Umgesetzt werden muss der Angriff lokal. Der Patch wird als 53e9e059ed96b940f7ddcd9a2b68cb512524d5db bezeichnet. Als bestm\u00f6gliche Massnahme wird Patching empfohlen."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-617", "description": "Reachable Assertion"}]}], "providerMetadata": {"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "shortName": "VulDB", "dateUpdated": "2025-07-01T11:32:07.418Z"}}}, "cveMetadata": {"cveId": "CVE-2025-6952", "state": "PUBLISHED", "dateUpdated": "2025-07-01T13:07:07.279Z", "dateReserved": "2025-07-01T05:51:09.919Z", "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "datePublished": "2025-07-01T11:32:07.418Z", "assignerShortName": "VulDB"}, "dataVersion": "5.1"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "A vulnerability, which was classified as problematic, has been found in Open5GS up to 2.7.5. This issue affects the function amf_state_operational of the file src/amf/amf-sm.c of the component AMF Service. The manipulation leads to reachable assertion. It is possible to launch the attack on the local host. The identifier of the patch is 53e9e059ed96b940f7ddcd9a2b68cb512524d5db. It is recommended to apply a patch to fix this issue."}, {"lang": "es", "value": "Se ha detectado una vulnerabilidad clasificada como problem\u00e1tica en Open5GS hasta la versi\u00f3n 2.7.5. Este problema afecta a la funci\u00f3n amf_state_operational del archivo src/amf/amf-sm.c del componente AMF Service. La manipulaci\u00f3n genera una aserci\u00f3n accesible. Es posible lanzar el ataque en el host local. El identificador del parche es 53e9e059ed96b940f7ddcd9a2b68cb512524d5db. Se recomienda aplicar un parche para solucionar este problema."}], "id": "CVE-2025-6952", "lastModified": "2025-07-03T15:14:12.767", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "LOW", "cvssData": {"accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "SINGLE", "availabilityImpact": "PARTIAL", "baseScore": 1.7, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:L/AC:L/Au:S/C:N/I:N/A:P", "version": "2.0"}, "exploitabilityScore": 3.1, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "cna@vuldb.com", "type": "Secondary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "LOW", "baseScore": 3.3, "baseSeverity": "LOW", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 1.4, "source": "cna@vuldb.com", "type": "Primary"}], "cvssMetricV40": [{"cvssData": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "LOCAL", "availabilityRequirement": "NOT_DEFINED", "baseScore": 4.8, "baseSeverity": "MEDIUM", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "LOW", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnAvailabilityImpact": "LOW", "vulnConfidentialityImpact": "NONE", "vulnIntegrityImpact": "NONE", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "source": "cna@vuldb.com", "type": "Secondary"}]}, "published": "2025-07-01T12:15:24.343", "references": [{"source": "cna@vuldb.com", "url": "https://github.com/open5gs/open5gs/commit/53e9e059ed96b940f7ddcd9a2b68cb512524d5db"}, {"source": "cna@vuldb.com", "url": "https://github.com/open5gs/open5gs/issues/3938"}, {"source": "cna@vuldb.com", "url": "https://github.com/open5gs/open5gs/issues/3938#issuecomment-3012139813"}, {"source": "cna@vuldb.com", "url": "https://vuldb.com/?ctiid.314489"}, {"source": "cna@vuldb.com", "url": "https://vuldb.com/?id.314489"}, {"source": "cna@vuldb.com", "url": "https://vuldb.com/?submit.605312"}], "sourceIdentifier": "cna@vuldb.com", "vulnStatus": "Awaiting Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-617"}], "source": "cna@vuldb.com", "type": "Primary"}]}

{}