CVE-2024-20685 – Azure Private 5G Core Denial of Service Vulnerability

https://notcve.org/view.php?id=CVE-2024-20685

09 Apr 2024 — Azure Private 5G Core Denial of Service Vulnerability Vulnerabilidad de denegación de servicio del núcleo privado 5G de Azure This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of Microsoft Azure Private 5G Core. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of InitialUEMessage messages. The issue results from improper length validation. An attacker can leverage this vulnerability to create... • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-20685 • CWE-130: Improper Handling of Length Parameter Inconsistency •