External risk intelligence

Open5GS NF-Instances Endpoint Resource Consumption Vulnerability

CVE advisory

Severity: LOW (CVSS 2.1)

CVE-2026-10156

A vulnerability in Open5GS may lead to resource consumption if an attacker manipulates an argument in the nf-instances Endpoint. This could impact network services by exhausting system resources. The exploit has been publicly disclosed, presenting a potential risk.

Halo Surface Signal: 3

External exposure likelihood

Halo Surface Signal score for CVE-2026-10156

The vulnerability exists in Open5GS, a software suite for 5G and 4G core networks. While the NRF (Network Repository Function) interface is a critical component of 5G core infrastructure, these internal signaling interfaces are typically designed to operate within isolated, private telecommunications networks rather than being directly exposed to the public internet.

Horizon Alert

Summary of the vulnerability and why it matters

A vulnerability has been identified in Open5GS, a software component used in network functions. The flaw resides in how the nf-instances Endpoint handles specific information, potentially allowing for resource consumption. This issue can be exploited remotely by an attacker.

  • Vulnerable component: nf-instances Endpoint
  • Core weakness: Resource consumption via argument manipulation
  • Main business impact: Network service disruption

Attack Path

How an attacker could exploit the issue

The vulnerability in Open5GS involves a resource consumption issue within the `handle_amf_info` function. This occurs when an attacker manipulates the `nf_info_pool` argument. Such manipulation can lead to a denial-of-service condition by exhausting system resources. The exploit has been publicly disclosed, making it a potential risk for affected organizations.

  • Network exposure required.
  • Attacker manipulates `nf_info_pool` argument.
  • Results in resource consumption.

Live Threat

Current exploitation, exposure, and threat context

A vulnerability in Open5GS, specifically within the nf-instances Endpoint's NRF handler, could allow for resource consumption. The exploit is publicly disclosed, meaning attackers may be able to utilize it. Patches are available to address the issue.

  • Likely attacker skill level: Low
  • Required access or conditions: Network access, no special privileges
  • Business risk or urgency: Low

Priority actions

Operational Fix

Recommended remediation, mitigation, and detection steps

This vulnerability in Open5GS can lead to resource consumption through manipulation of a specific function argument. The attack can be performed remotely and has been publicly disclosed, indicating a potential risk to affected organizations. Applying the vendor-provided patch is advised to resolve this issue; the fix is noted as already implemented.

  • Identify exposed Open5GS assets.
  • Reduce exposure or isolate affected systems.
  • Apply fix, verify, and monitor.
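
For the first two steps above, one way to check which addresses an NRF listens on, as an added example that is not part of the original advisory or of Open5GS: it reads the SBI server entries from an nrf.yaml-style file and compares them with the networks the operator has set aside for signaling. The YAML layout (`nrf` → `sbi` → `server` → `address`), the sample addresses and the 10.20.0.0/24 signaling network are assumptions.

```python
import ipaddress
import re

# Constructed sample in the layout of an Open5GS nrf.yaml (key names assumed).
SAMPLE_NRF_YAML = """\
nrf:
  sbi:
    server:
      - address: 0.0.0.0
        port: 7777
      - address: 10.20.0.5
        port: 7777
      - address: 198.51.100.7
        port: 7777
"""
KEY_RE = re.compile(r"^(\s*)(-\s+)?([A-Za-z_][\w-]*):\s*(.*)$")

def sbi_server_addresses(yaml_text):
    """Return 'address' values found under an sbi -> server block."""
    stack, found = [], []          # stack holds (indent, key) of open mappings
    for raw in yaml_text.splitlines():
        m = KEY_RE.match(raw.split("#", 1)[0].rstrip())
        if not m:
            continue
        indent = len(m.group(1)) + len(m.group(2) or "")
        key, value = m.group(3), m.group(4).strip()
        while stack and stack[-1][0] >= indent:
            stack.pop()            # close mappings we have dedented out of
        if not value:
            stack.append((indent, key))
        elif key == "address" and [k for _, k in stack][-2:] == ["sbi", "server"]:
            found.append(value)
    return found

def classify(addr, allowed_nets):
    # Compare one bind address with the operator's signaling networks.
    try:
        ip = ipaddress.ip_address(addr)
    except ValueError:
        return "hostname-review"   # a name: resolve it and check by hand
    if ip.is_unspecified:
        return "wildcard"          # listens on every interface
    if ip.is_loopback or any(ip in net for net in allowed_nets):
        return "ok"
    return "outside-sbi-network"

def audit(yaml_text, allowed_cidrs):
    nets = [ipaddress.ip_network(c) for c in allowed_cidrs]
    return [(a, classify(a, nets)) for a in sbi_server_addresses(yaml_text)]
```

Calling `audit(SAMPLE_NRF_YAML, ["10.20.0.0/24"])` returns one `(address, verdict)` pair per listener; any verdict other than `ok` marks a bind address to review before and after patching.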

Frequently asked questions

What is Open5GS and its role in mobile networks?

Open5GS is a software suite that provides essential core network functions for 5G and 4G mobile communication systems. It serves as the backbone infrastructure enabling devices to connect to mobile internet services and conduct voice calls.

What type of weakness does CVE-2026-10156 expose in Open5GS?

CVE-2026-10156 details a resource consumption vulnerability classified under CWE-400, indicating uncontrolled resource allocation. This weakness in Open5GS allows an attacker to deplete system resources by manipulating an argument within the `handle_amf_info` function.

How can an attacker exploit the Open5GS vulnerability involving resource consumption?

An attacker can trigger this vulnerability by remotely manipulating the `nf_info_pool` argument in the `handle_amf_info` function located in the NRF handler component. This manipulation can lead to a denial-of-service condition by exhausting available system resources.

What is the potential impact of CVE-2026-10156 on a 5G core network?

While the vulnerability exists within Open5GS's NRF interface, a critical part of 5G core infrastructure, such internal signaling interfaces are typically isolated within private telecommunication networks. Direct exposure to the public internet is not the standard operational model, suggesting a limited external threat surface for this specific flaw.

What steps should be taken to address the Open5GS resource consumption vulnerability?

Organizations should first identify any Open5GS assets that might be exposed. It is advisable to reduce the exposure of affected systems or isolate them if possible. Applying the vendor-provided patch is the recommended solution, and verifying its implementation along with ongoing monitoring is crucial.
