CVE-2025-69252

free5gc UDM provides Unified Data Management (UDM) for free5GC, an open-source project for 5th generation (5G) mobile core networks. Versions up to and including 1.4.1 have a NULL Pointer Dereference vulnerability. Remote unauthenticated attackers can trigger a service panic (Denial of Service) by sending a crafted PUT request with an unexpected ueId, crashing the UDM service. All deployments of free5GC using the UDM component may be affected. free5gc/udm pull request 76 contains a fix for the issue. No direct workaround is available at the application level. Applying the official patch is recommended.

CVSS v3 7.5 HIGH

7.5^/10

CVSS v3 : HIGH

V3 Legend

Vector :

Exploitability : 3.9 / Impact : 3.6

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://github.com/free5gc/free5gc/issues/752	Exploit Issue Tracking Patch Vendor Advisory
https://github.com/free5gc/free5gc/security/advisories/GHSA-v8cv-qvf6-9rpm	Patch Vendor Advisory
https://github.com/free5gc/udm/commit/504b14458d156558b3c0ade7107b86b3d5e72998	Patch
https://github.com/free5gc/udm/pull/76	Issue Tracking

Configurations

Configuration 1 (hide)

cpe:2.3:a:free5gc:udm:*:*:*:*:*:go:*:*

History

25 Feb 2026, 16:46

Type	Values Removed	Values Added
Summary		(es) free5gc UDM proporciona Gestión Unificada de Datos (UDM) para free5GC, un proyecto de código abierto para redes centrales móviles de 5ª generación (5G). Las versiones hasta la 1.4.1 inclusive tienen una vulnerabilidad de desreferencia de puntero NULL. Atacantes remotos no autenticados pueden desencadenar un pánico del servicio (Denegación de servicio) enviando una solicitud PUT manipulada con un ueId inesperado, lo que provoca la caída del servicio UDM. Todas las implementaciones de free5GC que utilizan el componente UDM pueden verse afectadas. La solicitud de extracción 76 de free5gc/udm contiene una corrección para el problema. No hay una solución alternativa directa disponible a nivel de aplicación. Se recomienda aplicar el parche oficial.
References	~~() https://github.com/free5gc/free5gc/issues/752 -~~	() https://github.com/free5gc/free5gc/issues/752 - Exploit, Issue Tracking, Patch, Vendor Advisory
References	~~() https://github.com/free5gc/free5gc/security/advisories/GHSA-v8cv-qvf6-9rpm -~~	() https://github.com/free5gc/free5gc/security/advisories/GHSA-v8cv-qvf6-9rpm - Patch, Vendor Advisory
References	~~() https://github.com/free5gc/udm/commit/504b14458d156558b3c0ade7107b86b3d5e72998 -~~	() https://github.com/free5gc/udm/commit/504b14458d156558b3c0ade7107b86b3d5e72998 - Patch
References	~~() https://github.com/free5gc/udm/pull/76 -~~	() https://github.com/free5gc/udm/pull/76 - Issue Tracking
First Time		Free5gc udm Free5gc
CPE		cpe:2.3:a:free5gc:udm::::::go::*
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : unknown v3 : 7.5

24 Feb 2026, 00:16

Type	Values Removed	Values Added
New CVE

Information

Published : 2026-02-24 00:16

Updated : 2026-02-25 16:46

NVD link : CVE-2025-69252

Mitre link : CVE-2025-69252

CVE.ORG link : CVE-2025-69252

JSON object : View

Products Affected

free5gc

CWE

CWE-476

NULL Pointer Dereference

7.5 /10