CVE-2023-41628

CVSS 3.1 Score 7.5 of 10 (high)

Details

Published Sep 1, 2023

Updated: Sep 7, 2023

Summary

CVE-2023-41628 is a newly discovered vulnerability affecting the O-RAN Software Community E2 G-Release. This issue permits attackers to execute a Denial of Service (DoS) attack by improperly triggering the messaging process between the E2Node and E2Term components. The flaw arises from an inconsistency in the communication procedure, leading to an excessive resource consumption and eventual crash or unavailability of the affected components. Attackers can leverage this vulnerability to cause significant disruptions in telecommunications networks that utilize the O-RAN Software Community E2 G-Release. Mitigation measures include updating to the latest software patches or implementing network access control and intrusion prevention systems to prevent unauthorized access.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share

Advisories, Assessments, and Mitigations

Back to Vulnerability Database