{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-17T05:27:56.275","vulnerabilities":[{"cve":{"id":"CVE-2024-24425","sourceIdentifier":"cve@mitre.org","published":"2024-11-15T19:15:05.927","lastModified":"2026-04-15T00:35:42.020","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"Magma v1.8.0 and OAI EPC Federation v1.20 were discovered to contain an out-of-bounds read in the amf_as_establish_req function at /tasks/amf/amf_as.cpp. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted NAS packet."},{"lang":"es","value":"Se descubrió que Magma v1.8.0 y OAI EPC Federation v1.20 contenían una lectura fuera de los límites en la función amf_as_establish_req en /tasks/amf/amf_as.cpp. Esta vulnerabilidad permite a los atacantes provocar una denegación de servicio (DoS) a través de un paquete NAS manipulado."}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":3.6}]},"weaknesses":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-125"}]}],"references":[{"url":"https://cellularsecurity.org/ransacked","source":"cve@mitre.org"},{"url":"https://github.com/OPENAIRINTERFACE/openair-epc-fed","source":"cve@mitre.org"},{"url":"https://github.com/magma/magma","source":"cve@mitre.org"}]}}]}