{"dataType": "CVE_RECORD", "cveMetadata": {"state": "PUBLISHED", "cveId": "CVE-2026-30653", "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "dateUpdated": "2026-03-24T18:51:30.979Z", "dateReserved": "2026-03-04T00:00:00.000Z", "datePublished": "2026-03-24T00:00:00.000Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre", "dateUpdated": "2026-03-24T14:40:30.924Z"}, "descriptions": [{"lang": "en", "value": "An issue in Free5GC v.4.2.0 and before allows a remote attacker to cause a denial of service via the function HandleAuthenticationFailure of the component AMF"}], "affected": [{"vendor": "n/a", "product": "n/a", "versions": [{"version": "n/a", "status": "affected"}]}], "references": [{"url": "https://github.com/free5gc/free5gc/issues/826"}], "problemTypes": [{"descriptions": [{"type": "text", "lang": "en", "description": "n/a"}]}]}, "adp": [{"problemTypes": [{"descriptions": [{"type": "CWE", "cweId": "CWE-400", "lang": "en", "description": "CWE-400 Uncontrolled Resource Consumption"}]}], "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}}, {"other": {"type": "ssvc", "content": {"timestamp": "2026-03-24T18:51:09.517411Z", "id": "CVE-2026-30653", "options": [{"Exploitation": "poc"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-24T18:51:30.979Z"}}]}, "dataVersion": "5.2"}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2026-30653", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-03-24T18:51:09.517411Z"}}}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-400", "description": "CWE-400 Uncontrolled Resource Consumption"}]}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-24T18:51:27.540Z"}}], "cna": {"affected": [{"vendor": "n/a", "product": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "references": [{"url": "https://github.com/free5gc/free5gc/issues/826"}], "descriptions": [{"lang": "en", "value": "An issue in Free5GC v.4.2.0 and before allows a remote attacker to cause a denial of service via the function HandleAuthenticationFailure of the component AMF"}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "text", "description": "n/a"}]}], "providerMetadata": {"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre", "dateUpdated": "2026-03-24T14:40:30.924Z"}}}, "cveMetadata": {"cveId": "CVE-2026-30653", "state": "PUBLISHED", "dateUpdated": "2026-03-24T18:51:30.979Z", "dateReserved": "2026-03-04T00:00:00.000Z", "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "datePublished": "2026-03-24T00:00:00.000Z", "assignerShortName": "mitre"}, "dataVersion": "5.2"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:free5gc:free5gc:*:*:*:*:*:*:*:*", "matchCriteriaId": "C3655699-AB73-4033-AFD6-A368AEE881A0", "versionEndIncluding": "4.2.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "An issue in Free5GC v.4.2.0 and before allows a remote attacker to cause a denial of service via the function HandleAuthenticationFailure of the component AMF"}], "id": "CVE-2026-30653", "lastModified": "2026-03-24T20:16:26.650", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}, "published": "2026-03-24T15:16:34.137", "references": [{"source": "cve@mitre.org", "tags": ["Exploit", "Issue Tracking", "Vendor Advisory"], "url": "https://github.com/free5gc/free5gc/issues/826"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-400"}], "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "[0,4.2.0]"}}], "enrichment": {"confidence": 80.0, "confidence_source": "inferred", "scores": [{"score": 80.0, "source": "inferred"}, {"score": 100.0, "source": "matching"}]}, "original": {"product": "n/a", "source": "cna", "vendor": "n/a"}, "product": "free5gc", "vendor": "free5gc"}], "analysis": {"en": {"generated_at": "2026-03-24T21:49:22.940365+00:00", "value": {"mitigation_remediation": ["Upgrade Free5GC to a version newer than 4.2.0 to remediate the denial of service vulnerability.", "If an immediate upgrade is not feasible, consider temporarily disabling the AMF service until a patch is applied to prevent exploitation.", "Monitor system logs for repeated authentication failures that could indicate an ongoing attack or misconfiguration."], "summary": {"action": "Immediate Patch", "impact": "Denial of Service"}, "threat_synthesis": {"affected_systems": "Free5GC versions 4.2.0 and earlier are affected. The issue is present in the AMF module of the Free5GC open source 5G core stack. No other vendors or product lines are listed as impacted.", "description_and_impact": "The vulnerability in Free5GC allows a remote attacker to trigger a denial of service by exploiting the HandleAuthenticationFailure function in the AMF component. This weakness permits an attacker to repeatedly provoke failures that overwhelm system resources, leading to unavailability of the AMF and potentially the entire network slice depending on the deployment. The flaw is classified as CWE\u2011400, indicating a resource exhaustion weakness. The impact manifests as a service outage, affecting network availability and disrupting business services that rely on 5G connectivity.", "risk_and_exploitability": "The CVSS score of 7.5 places this vulnerability in the high-risk category. The EPSS score is not available, and the vulnerability is not listed in CISA\u2019s KEV catalog, suggesting no known large-scale exploit but retaining a high potential for exploitation. The attack vector is remote, inferred from the description, and likely occurs over network interfaces that the AMF exposes. An attacker with network access could invoke authentication failure scenarios repeatedly, exhausting resources and causing downtime."}}}}, "created": "2026-03-25T11:48:58.564572+00:00", "title": "Remote Denial of Service via Authentication Failure Handler in Free5GC AMF", "updated": "2026-03-25T20:40:49.671590+00:00", "vendors": ["free5gc", "free5gc$PRODUCT$free5gc"]}