Ella Core 5G Authentication NAS Message Processing Panic Vulnerability

Vulnerability

A denial-of-service vulnerability has been identified in Ella Core versions prior to 1.7.0. The issue arises when the software processes Authentication Response and Authentication Failure NAS messages that lack certain Information Elements (IEs). An attacker who sends crafted NAS messages can cause the application to crash, disrupting service for all connected subscribers. This vulnerability does not require authentication to exploit.

Impact

Exploitation of this vulnerability leads to a process crash, causing a service disruption for all connected subscribers.

Reproduction

The vulnerability can be reproduced by sending Authentication Response or Authentication Failure NAS messages that are missing required Information Elements to an instance of Ella Core prior to version 1.7.0. This can be done by crafting NAS messages that intentionally omit specific IEs and transmitting them to the Ella Core application.

Remediation

Users can upgrade to Ella Core version 1.7.0 or later, where this vulnerability has been patched.
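The crash class described above, shown as an added Go example that is not Ella Core's own code. It assumes a decoder that leaves an optional IE as a nil pointer when it is absent from the message; all type and function names are hypothetical. The same presence check applies to the IEs of an Authentication Failure.

```go
package main

import (
	"errors"
	"fmt"
)

// Hypothetical decoded message: an IE absent on the wire is left as nil (assumption).
type AuthenticationResponseParameter struct{ RES []byte }

type AuthenticationResponse struct {
	Parameter *AuthenticationResponseParameter
}

var ErrMissingIE = errors.New("nas: required information element missing")

// unguardedRES is the crash pattern: dereferencing an absent IE panics.
func unguardedRES(m *AuthenticationResponse) []byte {
	return m.Parameter.RES
}

// checkedRES rejects the message with an error instead of dereferencing nil.
func checkedRES(m *AuthenticationResponse) ([]byte, error) {
	if m == nil || m.Parameter == nil || len(m.Parameter.RES) == 0 {
		return nil, ErrMissingIE
	}
	return m.Parameter.RES, nil
}

// handleSafely converts a panic raised while handling one message into an
// error, so a single malformed message does not end the whole process.
func handleSafely(h func() []byte) (res []byte, err error) {
	defer func() {
		if r := recover(); r != nil {
			err = fmt.Errorf("nas handler panicked: %v", r)
		}
	}()
	return h(), nil
}

func main() {
	msg := &AuthenticationResponse{} // constructed sample: IE absent
	_, err := checkedRES(msg)
	fmt.Println("checked:", err)
	_, err = handleSafely(func() []byte { return unguardedRES(msg) })
	fmt.Println("unguarded, recovered:", err)
}
```

The presence check is the fix for this class of bug; the recover wrapper is only a backstop that keeps an unvalidated path from taking every subscriber down with it.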

Added: Mar 27, 2026, 9:22 PM
Updated: Mar 27, 2026, 9:22 PM

Vulnerability Rating

Custom Algorithm

spread: 0.0
impact: 2.5
exploitability: 5.9
remediation: 0.0
relevance: 4.8
threat: 4.8
urgency: 2.9
incentive: 0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.