CVE-2026-32319: CVE-2026-32319: Unauthenticated Denial of Service in Ella Core AMF via Malformed NAS Messages

CVE-2026-32319: Unauthenticated Denial of Service in Ella Core AMF via Malformed NAS Messages Vulnerability ID: CVE-2026-32319 CVSS Score: 7.5 Published: 2026-03-12 CVE-2026-32319 is a high-severity unauthenticated Denial of Service (DoS) vulnerability in the Ella Core 5G network implementation. The Access and Mobility Management Function (AMF) fails to validate the length of integrity-protected Non-Access Stratum (NAS) messages before performing slice operations. This out-of-bounds read leads to a runtime panic, resulting in process termination and complete service disruption for all subscribers. TL;DR An out-of-bounds read in Ella Core's AMF allows unauthenticated attackers to crash the 5G core by sending undersized NAS messages over the N2 interface. ⚠️ Exploit Status: POC Technical Details CWE ID : CWE-125: Out-of-bounds Read Attack Vector : Network (AV:N) CVSS Score : 7.5 (High) Impact : Denial of Service (Process Crash) Exploit Status : Proof-of-Concept Authentication Required :

CVE-2026-32319: CVE-2026-32319: Unauthenticated Denial of Service in Ella Core AMF via Malformed NAS Messages

Related Articles

These car gadgets are worth every penny

These Are the 4 Artemis II Astronauts Leading the Historic Return to the Moon

Taylor Lorenz’s Screen Time Is Almost 17 Hours a Day

RSpec Best Practices in 2026: Factory Bot + VCR Cassettes

The $380K Outage — Complete Timeline From Hell (2:14 AM to 4:02 AM)

Related Articles

News
These car gadgets are worth every penny
ZDNet • 3h ago

News
These Are the 4 Artemis II Astronauts Leading the Historic Return to the Moon
Wired • 3h ago

News
Taylor Lorenz’s Screen Time Is Almost 17 Hours a Day
Wired • 3h ago

News
RSpec Best Practices in 2026: Factory Bot + VCR Cassettes
Medium Programming • 4h ago

News
The $380K Outage — Complete Timeline From Hell (2:14 AM to 4:02 AM)
Medium Programming • 4h ago