CVE-2025-69252
HIGH
free5gc UDM <= 1.4.1 - Unauthenticated Denial of Service via Crafted PUT Request
Title source: llm
Description
free5gc UDM provides Unified Data Management (UDM) for free5GC, an open-source project for 5th generation (5G) mobile core networks. Versions up to and including 1.4.1 have a NULL Pointer Dereference vulnerability. Remote unauthenticated attackers can trigger a service panic (Denial of Service) by sending a crafted PUT request with an unexpected ueId, crashing the UDM service. All deployments of free5GC using the UDM component may be affected. free5gc/udm pull request 76 contains a fix for the issue. No direct workaround is available at the application level. Applying the official patch is recommended.
References (4)
Issue Tracking x_refsource_misc
https://github.com/free5gc/udm/pull/76
Vendor Advisory x_refsource_confirm
https://github.com/free5gc/free5gc/security/advisories/GHSA-v8cv-qvf6-9rpm
Issue Tracking x_refsource_misc
https://github.com/free5gc/free5gc/issues/752
Patch x_refsource_misc
https://github.com/free5gc/udm/commit/504b14458d156558b3c0ade7107b86b3d5e72998
Scores
CVSS v3
7.5
EPSS
0.0051
EPSS Percentile
39.3%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
yes
Technical Impact
partial
Details
CWE
CWE-476
Status
published
Products (1)
free5gc/udm
< 1.4.1
Published
Feb 24, 2026
Tracked Since
Feb 24, 2026