CVE-2025-66786 Overview
CVE-2025-66786 affects OpenAirInterface CN5G Access and Mobility Management Function (AMF) versions up to and including v2.0.1. The vulnerability stems from a logic flaw in the JSON request parser used by the Service-Based Interface (SBI). Unauthenticated remote attackers can send malformed JSON payloads to the AMF SBI endpoint to trigger a denial-of-service condition. The flaw is tracked under CWE-20: Improper Input Validation. Affected 5G core deployments lose mobility management functionality, impacting subscriber registration and session continuity across the network.
Critical Impact
Unauthenticated remote attackers can crash the AMF service via crafted JSON over the SBI interface, disrupting 5G core network operations.
Affected Products
- OpenAirInterface oai-cn5g-amf versions <= v2.0.1
- 5G core network deployments using the OpenAirInterface CN5G AMF component
- Research, lab, and production 5G testbeds built on the OAI CN5G stack
Discovery Timeline
- 2026-01-07 - CVE-2025-66786 published to NVD
- 2026-01-29 - Last updated in NVD database
Technical Details for CVE-2025-66786
Vulnerability Analysis
The AMF is the 5G core network function responsible for registration, connection, reachability, and mobility management. It exposes a Service-Based Interface (SBI) over HTTP/2 that accepts JSON-encoded messages from other network functions such as the SMF, AUSF, and UDM. CVE-2025-66786 is a denial-of-service vulnerability triggered by a logical error in how the AMF parses inbound JSON request bodies. When a crafted JSON payload is delivered to the SBI endpoint, the parser enters an error state that terminates or hangs the AMF process. Because the SBI listener is reachable over the network without authentication, any host that can route to the AMF service can deliver the payload.
Root Cause
The root cause is improper input validation [CWE-20] in the JSON request handling path of oai-cn5g-amf. The parser does not enforce structural or type constraints before acting on the deserialized data. A specific malformed structure produces an unhandled condition that disrupts the SBI worker, halting AMF service delivery.
Attack Vector
The attack is delivered over the network with low complexity and no privileges or user interaction. An attacker with reachability to the AMF SBI endpoint sends a single malicious JSON request. The AMF process becomes unresponsive, breaking registration, authentication relay, and mobility procedures for all subscribers served by that AMF instance. Technical details and a proof-of-concept are documented in the public PoC repository.
Detection Methods for CVE-2025-66786
Indicators of Compromise
- Unexpected restarts, crashes, or hangs of the oai-cn5g-amf process correlated with inbound SBI traffic.
- HTTP/2 POST requests to AMF SBI namespaces (for example /namf-comm/, /namf-mt/, /namf-evts/) containing malformed or structurally invalid JSON bodies.
- Spikes in 5G subscriber registration failures (Registration Reject) or service requests timing out across the served PLMN.
- Inbound SBI traffic originating from hosts outside the documented 5G core network function inventory.
Detection Strategies
- Inspect AMF and reverse proxy access logs for JSON parsing errors, 4xx/5xx bursts on SBI endpoints, or repeated requests from a single peer prior to a crash.
- Deploy network monitoring on the SBI plane to alert on malformed JSON payloads and on requests with unusual structural depth or type mismatches.
- Correlate AMF process exits and systemd restart events with concurrent SBI request patterns to identify trigger payloads.
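As an added illustration of the log-based detection strategy above (not code from the page or from the OpenAirInterface project), this Python script scans constructed reverse-proxy access log lines for repeated 4xx/5xx responses on the Namf namespaces and for peers outside a hypothetical NF inventory. The log layout, peer list and threshold are assumptions to be adapted to the real proxy and deployment.

```python
import re
from collections import Counter

# Constructed reverse-proxy access log lines ("src - [ts] "METHOD PATH PROTO" status bytes");
# addresses and paths are illustrative, not taken from any real deployment.
SAMPLE_LOG = """\
10.0.10.5 - [29/Jan/2026:10:00:01 +0000] "POST /namf-comm/v1/ue-contexts/imsi-001010000000001/n1-n2-messages HTTP/2.0" 200 184
10.0.10.6 - [29/Jan/2026:10:00:02 +0000] "POST /namf-evts/v1/subscriptions HTTP/2.0" 201 92
192.0.2.44 - [29/Jan/2026:10:00:03 +0000] "POST /namf-comm/v1/ue-contexts/imsi-001010000000002/n1-n2-messages HTTP/2.0" 400 0
192.0.2.44 - [29/Jan/2026:10:00:03 +0000] "POST /namf-comm/v1/ue-contexts/imsi-001010000000002/n1-n2-messages HTTP/2.0" 400 0
192.0.2.44 - [29/Jan/2026:10:00:04 +0000] "POST /namf-mt/v1/ue-contexts/imsi-001010000000002 HTTP/2.0" 502 0
10.0.10.5 - [29/Jan/2026:10:00:05 +0000] "POST /namf-comm/v1/ue-contexts/imsi-001010000000001/n1-n2-messages HTTP/2.0" 502 0
"""

LOG_RE = re.compile(
    r'^(?P<src>\S+) - \[(?P<ts>[^\]]+)\] "(?P<method>\S+) (?P<path>\S+) \S+" (?P<status>\d{3}) \d+$'
)

# Hypothetical documented NF peer inventory and alert threshold; tune both per deployment.
ALLOWED_NF_PEERS = {"10.0.10.5", "10.0.10.6"}
SBI_PREFIXES = ("/namf-comm/", "/namf-mt/", "/namf-evts/")
ERROR_THRESHOLD = 3


def parse_line(line):
    """Return a dict for one access-log line, or None if it does not match the layout."""
    m = LOG_RE.match(line)
    if m is None:
        return None
    rec = m.groupdict()
    rec["status"] = int(rec["status"])
    return rec


def analyze(log_text):
    """Flag peers with repeated 4xx/5xx on AMF SBI namespaces and peers outside the inventory."""
    # A run of 4xx from one source followed by 5xx (proxy no longer gets answers from the AMF)
    # is the "repeated requests from a single peer prior to a crash" pattern described above.
    errors = Counter()
    unknown = set()
    for line in log_text.splitlines():
        rec = parse_line(line)
        if rec is None or not rec["path"].startswith(SBI_PREFIXES):
            continue  # ignore unparsable lines and non-Namf paths
        if rec["src"] not in ALLOWED_NF_PEERS:
            unknown.add(rec["src"])
        if rec["status"] >= 400:
            errors[rec["src"]] += 1
    return {
        "error_bursts": {src: n for src, n in errors.items() if n >= ERROR_THRESHOLD},
        "unknown_peers": sorted(unknown),
    }
```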
Monitoring Recommendations
- Forward AMF stdout, stderr, and systemd journal logs to a centralized logging platform for crash and restart alerting.
- Track AMF availability with active health probes against the SBI endpoint and alert on response timeouts.
- Monitor SBI ingress sources and alert when traffic arrives from IPs outside the allowed network function peer list.
How to Mitigate CVE-2025-66786
Immediate Actions Required
- Identify all oai-cn5g-amf instances at version v2.0.1 or earlier in lab and production deployments.
- Restrict access to the AMF SBI interface to authorized 5G network functions only using network ACLs or service mesh policies.
- Place a hardened HTTP/2 reverse proxy in front of the AMF to validate JSON structure and reject malformed payloads before they reach the application.
- Enable automatic process supervision so the AMF is restarted promptly if it crashes, limiting outage duration.
Patch Information
At the time of NVD publication, no vendor advisory or fixed version was referenced in the CVE record. Track the OpenAirInterface CN5G AMF project for releases beyond v2.0.1 that address the JSON parsing logic, and apply the fixed build once available.
Workarounds
- Segment the SBI network so the AMF is unreachable from untrusted networks, management VLANs, and the internet.
- Enforce mutual TLS between 5G network functions on the SBI and drop connections from peers without valid certificates.
- Rate-limit inbound SBI requests per source and apply schema validation at an API gateway to reject non-conforming JSON.
- Run multiple AMF replicas behind a load balancer so a single crash does not eliminate mobility management capacity.
# Example nftables rules restricting AMF SBI (TCP/8080) to known NF peers; assumes the SBI listens on 8080 and the peers live in 10.0.10.0/24
nft add table inet sbi_filter
nft add chain inet sbi_filter input '{ type filter hook input priority 0; policy drop; }'
# Keep loopback and established flows working (the AMF's own outbound SBI connections rely on this); add accept rules for management traffic such as SSH as needed
nft add rule inet sbi_filter input iif lo accept
nft add rule inet sbi_filter input ct state established,related accept
nft add rule inet sbi_filter input ip saddr { 10.0.10.0/24 } tcp dport 8080 accept
nft add rule inet sbi_filter input tcp dport 8080 drop
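The JSON structure check recommended for a reverse proxy or API gateway in front of the AMF, as an added example rather than OpenAirInterface code: it rejects oversized or unparsable bodies, non-object top-level values, excessive nesting and type mismatches before anything reaches the application. The size and depth limits, field names and expected types are assumptions for illustration, not the AMF's actual schema.

```python
import json

# Hypothetical limits for a pre-filter in front of the AMF; 3GPP SBI bodies are small and shallow.
MAX_BODY_BYTES = 65536
MAX_DEPTH = 8

# Illustrative expected shape for a Namf message body (field -> required type); not the AMF's real schema.
EXPECTED_FIELDS = {"supi": str, "n1MessageContainer": dict}


class RejectRequest(Exception):
    """Raised for any body the gateway should answer with 400 instead of forwarding."""


def check_depth(node, depth=0):
    """Walk a decoded JSON value and reject nesting deeper than MAX_DEPTH."""
    if depth > MAX_DEPTH:
        raise RejectRequest("nesting depth exceeds limit")
    if isinstance(node, dict):
        for value in node.values():
            check_depth(value, depth + 1)
    elif isinstance(node, list):
        for value in node:
            check_depth(value, depth + 1)


def validate_sbi_body(raw, expected=EXPECTED_FIELDS):
    """Return the decoded body if it is structurally acceptable, else raise RejectRequest."""
    if len(raw) > MAX_BODY_BYTES:
        raise RejectRequest("body too large")
    try:
        body = json.loads(raw)
    except (ValueError, RecursionError) as exc:
        # ValueError covers JSONDecodeError; RecursionError covers input nested so deeply
        # that the parser itself gives up before our own depth check can run.
        raise RejectRequest(f"malformed JSON: {type(exc).__name__}")
    if not isinstance(body, dict):
        raise RejectRequest("top-level value must be an object")
    check_depth(body)
    for field, typ in expected.items():
        if field not in body:
            raise RejectRequest(f"missing field {field}")
        if not isinstance(body[field], typ):
            raise RejectRequest(f"field {field} has wrong type")
    return body


def is_rejected(raw):
    # Convenience wrapper: True if the pre-filter would refuse to forward this body.
    try:
        validate_sbi_body(raw)
    except RejectRequest:
        return True
    return False
```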
Disclaimer: This content was generated using AI. While we strive for accuracy, please verify critical information with official sources.