CVE-2025-15555

HIGH SEVERITY

CVSS Score & Metrics

Base Score

7.3 / 10

Vector String

                                        CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L                                    

Vulnerability Description

A security flaw has been discovered in Open5GS up to 2.7.6. Affected by this vulnerability is the function hss_ogs_diam_cx_mar_cb of the file src/hss/hss-cx-path.c of the component VoLTE Cx-Test. The manipulation of the argument OGS_KEY_LEN results in stack-based buffer overflow. The attack may be launched remotely. The patch is identified as 54dda041211098730221d0ae20a2f9f9173e7a21. A patch should be applied to remediate this issue.

Vulnerability Details

Published Date

February 04, 2026

Last Modified

February 11, 2026

CWE ID

CWE-119

Source

NVD

Vendor

open5gs

Product

Open5GS

External References

https://github.com/open5gs/open5gs/
https://github.com/open5gs/open5gs/commit/54dda041211098730221d0ae20a2f9f9173e7a21
https://github.com/open5gs/open5gs/issues/4177
https://github.com/open5gs/open5gs/issues/4177#event-21256395700
https://vuldb.com/?ctiid.343795
https://vuldb.com/?id.343795
https://vuldb.com/?submit.741901

CVE-2025-15555

CVSS Score & Metrics

Vulnerability Description

Vulnerability Details

External References

Discussion (0)

Add Comment