
Open5GS CVE-2025-14955

Severity: LOW (CVSS 4.0 score: 2.9)
Weakness: Improper Initialization (CWE-665)
2025-12-19 cna@vuldb.com

CVSS Vector (NVD)

CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Attack Vector: Network
Attack Complexity: High
Privileges Required: None
User Interaction: None
Scope: X

Lifecycle Timeline

Analysis Generated: Apr 29, 2026 - 01:43 vuln.today

Description (NVD)

A vulnerability was found in Open5GS up to 2.7.5. Affected by this vulnerability is the function ogs_pfcp_handle_create_pdr in the library lib/pfcp/handler.c of the component PFCP. The manipulation results in improper initialization. It is possible to launch the attack remotely. This attack is characterized by high complexity. The exploitation appears to be difficult. The exploit has been made public and could be used. The patch is identified as 773117aa5472af26fc9f80e608d3386504c3bdb7. It is best practice to apply a patch to resolve this issue.

Analysis (AI)

Improper initialization in the PFCP handler function ogs_pfcp_handle_create_pdr within Open5GS up to version 2.7.5 allows remote attackers to trigger information disclosure with high attack complexity. A proof-of-concept is publicly available, but the EPSS score is very low (0.15%), indicating minimal real-world exploitation probability. The CVSS score of 2.9 reflects the limited technical impact; note that the vector above records the impact as availability only (VA:L), with no confidentiality impact (VC:N). The high complexity and resource requirements make practical attacks difficult.

Technical Context (AI)

Open5GS is a 5G Core and EPC implementation using the PFCP (Packet Forwarding Control Protocol) defined in 3GPP TS 29.244. The vulnerability resides in lib/pfcp/handler.c within the ogs_pfcp_handle_create_pdr function, which is responsible for processing PFCP Create PDR (Packet Detection Rule) messages. The flaw involves improper initialization of data structures (CWE-665), which can leave sensitive information in uninitialized memory accessible to remote attackers over the network via PFCP protocol messages. PFCP is a control-plane protocol used between the user plane function (UPF) and control plane function (CPF) in 5G networks, typically deployed in restricted network environments.

Remediation (AI)

Apply the vendor-released patch identified by commit 773117aa5472af26fc9f80e608d3386504c3bdb7 to remediate improper initialization in the PFCP handler. Update Open5GS to a version containing this commit (2.7.6 or later if available via the project's release process). For environments unable to patch immediately, restrict PFCP message sources to trusted control plane entities only by implementing network-level access controls on port 8805 (standard PFCP port): limit connections to known UPF or CPF nodes. Additionally, disable PDR creation via untrusted network paths if architectural changes are feasible. Review GitHub issue #4182 at https://github.com/open5gs/open5gs/issues/4182 for community validation of the fix prior to deployment.
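
One way to express the interim network control described above, as an added example that is not from Open5GS or vuln.today: a shell function that renders an nftables ruleset accepting PFCP on UDP port 8805 only from listed peers. It assumes the PFCP endpoint runs on the filtered host and that peers are IPv4; the table and set names and the sample addresses are constructed.

```shell
#!/bin/sh
# Added example: render an nftables ruleset that admits PFCP (UDP/8805) only
# from allowlisted peers. Table/set names are hypothetical.
PFCP_PORT=8805
# Succeeds only for a dotted-quad IPv4 address with each octet in 0-255.
is_ipv4() {
    case "$1" in
        ''|*[!0-9.]*|*..*|.*|*.) return 1 ;;
    esac
    old_ifs=$IFS; IFS=.
    set -- $1            # split on dots; input holds only digits and dots
    IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do
        [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
    return 0
}

# Print the ruleset for the given peers; fail closed on bad or missing input.
render_pfcp_ruleset() {
    elements=""
    for peer in "$@"; do
        if ! is_ipv4 "$peer"; then
            echo "refusing invalid peer address: $peer" >&2
            return 1
        fi
        elements="${elements:+$elements, }$peer"
    done
    if [ -z "$elements" ]; then
        echo "no PFCP peers given" >&2
        return 1
    fi
    cat <<EOF
table inet pfcp_allowlist {
    set pfcp_peers {
        type ipv4_addr
        elements = { $elements }
    }
    chain input {
        type filter hook input priority 0; policy accept;
        udp dport $PFCP_PORT ip saddr @pfcp_peers accept
        udp dport $PFCP_PORT counter drop
    }
}
EOF
}
# Constructed peers from the RFC 5737 documentation range.
render_pfcp_ruleset 192.0.2.10 192.0.2.11
```

Write the output to a file and validate it with `nft -c -f <file>` before loading it; the drop rule's counter shows how much PFCP traffic arrives from sources outside the allowlist.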
