Severity by source
AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Lifecycle Timeline
3DescriptionCVE.org
An issue in Free5GC v.4.2.0 and before allows a remote attacker to cause a denial of service via the function HandleAuthenticationFailure of the component AMF
AnalysisAI
Free5GC versions 4.2.0 and earlier are vulnerable to denial of service attacks through improper handling of authentication failures in the AMF component, allowing unauthenticated remote attackers to crash the service. The vulnerability requires no user interaction and can be exploited over the network, potentially disrupting 5G core network operations. No patch is currently available.
Technical ContextAI
Free5GC is an open-source 5G core network implementation written in Go. The Access and Mobility Management Function (AMF) is a critical component responsible for authentication, mobility management, and connection establishment for 5G User Equipment (UE). The HandleAuthenticationFailure function is specifically designed to process authentication failure notifications from the Home Subscriber Server (HSS) or other authentication providers. The vulnerability appears to be rooted in improper handling of authentication failure messages—likely a missing input validation, improper state management, or resource exhaustion issue (CWE category likely related to improper input validation or denial of service). The affected CPE indicates the vulnerability applies to the generic Free5GC project rather than a specific vendor distribution, making this a direct upstream issue affecting all deployments that have not patched beyond v4.2.0.
RemediationAI
Immediately upgrade Free5GC to a version after v4.2.0 (check the upstream repository at https://github.com/free5gc/free5gc for the latest stable release with the fix applied). Review the upstream issue at https://github.com/free5gc/free5gc/issues/826 for patch details and changelog. Until a patched version can be deployed, consider implementing network-level mitigations: restrict AMF access to trusted HSS/authentication servers only via firewall rules, implement rate limiting on authentication failure messages to prevent resource exhaustion, and monitor AMF CPU and memory usage for anomalies that may indicate ongoing exploitation. If the deployment is in a laboratory or non-critical environment, isolate the affected Free5GC instance from production networks pending the patch.
Same weakness CWE-400 – Uncontrolled Resource Consumption
View allSame technique Denial Of Service
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-14889
GHSA-xwf4-w8f7-pwr9