Critical severity9.8NVD Advisory· Published Apr 7, 2026· Updated Apr 14, 2026
CVE-2026-30079
CVE-2026-30079
Description
In OpenAirInterface V2.2.0 AMF, Out of sequence messages causes incorrect state transition during UE registration procedure. This allows authentication to be bypassed completely. If a SecurityModeComplete message is sent after InitialUERegistration, a registration reject is received followed by a registration accept! This leads the UE to be registered without proper authentication.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- cpe:2.3:a:openairinterface:oai-cn5g-amf:2.2.0:*:*:*:*:*:*:*
Patches
Vulnerability mechanics
References
1- gitlab.eurecom.fr/oai/cn5g/oai-cn5g-amf/-/issues/77nvdExploitIssue TrackingThird Party Advisory
News mentions
0No linked articles in our index yet.