OpenAirInterface Security Mode Integrity Bypass Vulnerability in 5G Registration
Vulnerability
OpenAirInterface version 2.2.0 accepts Security Mode Complete messages without proper integrity protection. The software supports the integrity algorithms NIA1 and NIA2, but when a User Equipment (UE) initiates registration advertising only the IA0 security capability, OpenAirInterface improperly accepts and processes the request instead of rejecting it. The result is a downgraded security context that could be exploited for replay attacks.
Impact
Exploitation of this vulnerability could lead to unauthorized replay of messages in the 5G communication process, potentially causing disruptions or unauthorized actions.
Reproduction
The vulnerability can be reproduced by sending an initial registration request from a UE that only supports the IA0 security capability. OpenAirInterface will accept this request, bypassing the integrity checks that should be enforced.
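A fail-closed integrity algorithm selection for the case described above, as an added example in C (not OpenAirInterface's code). The function names and the priority list are hypothetical; the bit positions follow the 5G-IA octet of the UE security capability information element, and the emergency exception reflects the 3GPP rule that null integrity is reserved for unauthenticated emergency sessions.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>

/* 5G-IA octet of the UE security capability IE (TS 24.501):
 * bit 8 = 5G-IA0, bit 7 = 128-5G-IA1, bit 6 = 128-5G-IA2, bit 5 = 128-5G-IA3. */
#define UE_IA_BIT(alg) ((uint8_t)(0x80u >> (alg)))

enum { NIA_REJECT = -1, NIA0 = 0, NIA1 = 1, NIA2 = 2, NIA3 = 3 };

/* Hypothetical AMF policy in priority order, matching the page: NIA1 and
 * NIA2 are supported, and NIA0 is never listed for normal registrations. */
static const int amf_priority[] = { NIA2, NIA1 };

/* Return the first AMF-preferred algorithm the UE also advertises.
 * NIA0 is returned only when the caller flags an unauthenticated emergency
 * session; a UE offering nothing usable gets NIA_REJECT. */
int select_nia(uint8_t ue_ia_octet, bool unauth_emergency)
{
    for (size_t i = 0; i < sizeof amf_priority / sizeof amf_priority[0]; i++) {
        int alg = amf_priority[i];
        if (ue_ia_octet & UE_IA_BIT(alg))
            return alg;
    }
    if (unauth_emergency && (ue_ia_octet & UE_IA_BIT(NIA0)))
        return NIA0;
    return NIA_REJECT; /* fail closed: caller should reject the registration */
}

/* Gate for an incoming Security Mode Complete: accept only if the context
 * was built with a real integrity algorithm and the MAC verified. */
bool accept_security_mode_complete(int selected_nia, bool mac_verified,
                                   bool unauth_emergency)
{
    if (selected_nia == NIA0)
        return unauth_emergency;   /* null integrity: emergency only */
    if (selected_nia < NIA1 || selected_nia > NIA3)
        return false;              /* no valid security context */
    return mac_verified;
}
```

With a capability octet of 0x80 (IA0 only) and a normal registration, `select_nia` returns `NIA_REJECT`, so no downgraded context is ever created.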
