What is the CVSS score of CVE-2025-15532?

CVE-2025-15532 has a CVSS 3.1 base score of 5.3 (Medium). CVSS vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L. EPSS exploitation probability: 0.2%.

Which versions of Open5gs are affected by CVE-2025-15532?

Organizations using Open5GS should be aware of moderate risk from CVE-2025-15532, a resource exhaustion vulnerability rated CVSS 5.3. Service availability could be impacted.. A patch is available.

Is there a public PoC exploit available for CVE-2025-15532?

Yes, a public proof-of-concept exploit is available for CVE-2025-15532. Prioritise patching immediately. EPSS: 0.2%.

How to fix or mitigate CVE-2025-15532?

Within 30 days: Identify affected systems running Open5GS and apply vendor patches as part of regular patch cycle. Vendor patch is available.

Open5gs CVE-2025-15532

MEDIUM

Uncontrolled Resource Consumption (CWE-400)

2026-01-17 cna@vuldb.com

Denial Of Service Open5gs

5.3

CVSS 3.1 · NVD

Severity by source

NVD PRIMARY

5.3 MEDIUM

AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

None

Integrity

None

Availability

Low

Lifecycle Timeline

Analysis Generated

Mar 12, 2026 - 21:54 vuln.today

PoC Detected

Feb 23, 2026 - 09:16 vuln.today

Public exploit code

Patch released

Feb 23, 2026 - 09:16 nvd

Patch available

CVE Published

Jan 17, 2026 - 17:15 nvd

MEDIUM 5.3

DescriptionCVE.org

A security flaw has been discovered in Open5GS up to 2.7.5. This issue affects some unknown processing of the component Timer Handler. The manipulation results in resource consumption. The attack may be performed from remote. The exploit has been released to the public and may be used for attacks. The patch is identified as c7c131f8d2cb1195ada5e0e691b6868ebcd8a845. It is best practice to apply a patch to resolve this issue.

AnalysisAI

A security flaw has been discovered in Open5GS up to 2.7.5. This issue affects some unknown processing of the component Timer Handler. [CVSS 5.3 MEDIUM]

Technical ContextAI

Classified as CWE-400 (Uncontrolled Resource Consumption). Affects Open5Gs. A security flaw has been discovered in Open5GS up to 2.7.5. This issue affects some unknown processing of the component Timer Handler. The manipulation results in resource consumption. The attack may be performed from remote. The exploit has been released to the public and may be used for attacks. The patch is identified as c7c131f8d2cb1195ada5e0e691b6868ebcd8a845. It is best practice to apply a patch to resolve this issue.

RemediationAI

A vendor patch is available — apply it immediately. Restrict network access to the affected service where possible.

CVE-2025-15532 vulnerability details – vuln.today

Back

Open5gs CVE-2025-15532

Severity by source

CVSS VectorNVD

Lifecycle Timeline

DescriptionCVE.org

AnalysisAI

Technical ContextAI

RemediationAI

Share

External POC / Exploit Code