What is the CVSS score of CVE-2025-69248?

CVE-2025-69248 has a CVSS 3.1 base score of 7.5 (High). CVSS vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H. EPSS exploitation probability: 0.3%.

Which versions of Amf are affected by CVE-2025-69248?

A buffer overflow vulnerability in free5GC's AMF service (CVE-2025-69248) can be exploited to cause denial of service attacks against 5G mobile core network infrastructure.. A patch is available.

Is there a public PoC exploit available for CVE-2025-69248?

Yes, a public proof-of-concept exploit is available for CVE-2025-69248. Prioritise patching immediately. EPSS: 0.3%.

How to fix or mitigate CVE-2025-69248?

Within 24 hours: Inventory all systems running free5GC and identify which are running vulnerable versions (≤1.4.1); assess whether affected systems are production or non-production. Within 7 days: Apply available patch to all non-production environments first for validation; implement network-level rate limiting on AMF service interfaces as interim protection. Within 30 days: Complete patching of all production free5GC instances; conduct vulnerability rescanning to confirm remediation.

Amf CVE-2025-69248

HIGH

Improper Validation of Array Index (CWE-129)

2026-02-23 security-advisories@github.com

Buffer Overflow Denial Of Service Amf

7.5

CVSS 3.1 · GitHub Advisory

Severity by source

GitHub Advisory PRIMARY

7.5 HIGH

AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Primary rating from GitHub Advisory · only source for this CVE.

CVSS VectorGitHub Advisory

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

None

Integrity

None

Availability

High

Lifecycle Timeline

Analysis Generated

Mar 12, 2026 - 21:55 vuln.today

PoC Detected

Feb 25, 2026 - 16:35 vuln.today

Public exploit code

Patch released

Feb 25, 2026 - 16:35 nvd

Patch available

CVE Published

Feb 23, 2026 - 22:16 nvd

HIGH 7.5

DescriptionGitHub Advisory

free5GC is an open-source project for 5th generation (5G) mobile core networks. Versions up to and including 1.4.1 of free5GC's AMF service have a Buffer Overflow vulnerability leading to Denial of Service. Remote unauthenticated attackers can crash the AMF service by sending a specially crafted NAS Registration Request with a malformed 5GS Mobile Identity, causing complete denial of service for the 5G core network. All deployments of free5GC using the AMF component may be affected. Pull request 43 of the free5gc/nas repo contains a fix. No direct workaround is available at the application level. Applying the official patch is recommended.

AnalysisAI

Technical ContextAI

Classified as CWE-129 (Improper Validation of Array Index). Affects Amf. free5GC is an open-source project for 5th generation (5G) mobile core networks. Versions up to and including 1.4.1 of free5GC's AMF service have a Buffer Overflow vulnerability leading to Denial of Service. Remote unauthenticated attackers can crash the AMF service by sending a specially crafted NAS Registration Request with a malformed 5GS Mobile Identity, causing complete denial of service for the 5G core network. All deployments of free5GC using the AMF component may be affected. Pull request

RemediationAI

A vendor patch is available — apply it immediately. Enable ASLR, DEP/NX, and stack canaries where possible. Restrict network access to the affected service where possible.

CVE-2025-69248 vulnerability details – vuln.today

Back

Amf CVE-2025-69248

Severity by source

CVSS VectorGitHub Advisory

Lifecycle Timeline

DescriptionGitHub Advisory

AnalysisAI

Technical ContextAI

RemediationAI

Share

External POC / Exploit Code