CVE-2026-42082
free5GC: Missing Concurrent NAS SMC Validation During NGAP Handover
CVSS Score
3.7
EPSS Score
0.0%
EPSS Percentile
3th
free5GC is an open-source implementation of the 5G core network. Prior to 4.2.2, the AMF in Free5GC does not enforce the concurrent security procedure rules defined in 3GPP TS 33.501 ยง6.9.5.1. The AMF does not check for ongoing N2 handover procedures before initiating a NAS Security Mode Command, and vice versa. This can lead to mismatches between NAS and AS security contexts in the network and the UE. This vulnerability is fixed in 4.2.2.
| CWE | CWE-358 |
| Vendor | free5gc |
| Product | free5gc |
| Published | May 27, 2026 |
| Last Updated | May 28, 2026 |
Stay Ahead of the Next One
Get instant alerts for free5gc free5gc
Be the first to know when new low vulnerabilities affecting free5gc free5gc are published โ delivered to Slack, Telegram or Discord.
Get Free Alerts โ
Free ยท No credit card ยท 60 sec setup
CVSS v3 Breakdown
CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:L Attack Vector
Adjacent
Attack Complexity
High
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
Low
Availability
Low
Affected Versions
free5gc / free5gc
< 4.2.2