Cybersecurity Vulnerabilities

Free5GC Under Attack? Analyzing CVE-2025-60638: A Denial of Service Vulnerability

November 24, 2025 - By 

Overview

A denial-of-service (DoS) vulnerability, identified as CVE-2025-60638, has been discovered in Free5GC versions 4.0.0 and 4.0.1. This vulnerability allows a remote attacker to potentially disrupt the availability of the Free5GC service by sending a specially crafted POST request to the Nnssf_NSSAIAvailability API.

Technical Details

The vulnerability resides in the handling of incoming POST requests to the Nnssf_NSSAIAvailability API endpoint. A maliciously crafted POST request can trigger a resource exhaustion or an unhandled exception within the Free5GC application, ultimately leading to a denial of service. The exact nature of the crafted request, while not detailed here, is available in the provided issue report.

The core of the vulnerability lies in how the application parses and processes the data within the POST request. If this parsing isn’t adequately validated, attackers can exploit this weakness by sending unexpectedly large data or data formatted in an unexpected way.

CVSS Analysis

At the time of this writing, the CVSS score for CVE-2025-60638 is not available (N/A). This may be due to ongoing analysis or the recent discovery of the vulnerability. However, given the nature of a denial-of-service attack, it’s likely that the score will fall within the Medium to High range, depending on the ease of exploitation and the impact on the affected service.

As more information becomes available, the CVSS score and vector will be updated to provide a more accurate assessment of the risk.

Possible Impact

The successful exploitation of this vulnerability can lead to the following:

  • Denial of Service: The primary impact is the unavailability of the Free5GC service, preventing legitimate users from accessing or utilizing its features.
  • Service Disruption: Even a temporary denial of service can disrupt critical network functions that rely on Free5GC.

The severity of the impact depends on the criticality of the Free5GC service within the overall network infrastructure.

Mitigation or Patch Steps

The recommended mitigation strategy is to upgrade to a patched version of Free5GC that addresses this vulnerability. Check the official Free5GC repository for updates and patches. If an immediate patch is not available, consider the following temporary mitigation measures:

  • Rate Limiting: Implement rate limiting on the Nnssf_NSSAIAvailability API endpoint to restrict the number of requests from a single source within a given timeframe. This can help prevent attackers from overwhelming the service.
  • Input Validation: If possible, implement stricter input validation on the Nnssf_NSSAIAvailability API to filter out malicious or malformed requests. This might require code modifications or the use of a Web Application Firewall (WAF).
  • Monitor Network Traffic: Monitor network traffic for suspicious patterns, such as a sudden surge in requests to the vulnerable endpoint.

Always prioritize applying official patches as soon as they become available.

References

Free5GC GitHub Repository
Free5GC Issue #704

Cybersecurity specialist and founder of Gowri Shankar Infosec - a professional blog dedicated to sharing actionable insights on cybersecurity, data protection, server administration, and compliance frameworks including SOC 2, PCI DSS, and GDPR.

Related Posts

CVE-2025-61932 Critical Remote Code Execution Vulnerability in LANSCOPE Endpoint Manager

CVE-2025-61932: Critical Remote Code Execution Vulnerability in LANSCOPE Endpoint Manager

October 23, 2025

Leave a Reply

Your email address will not be published. Required fields are marked *