CVE-2026-42083

May 28, 2026, 6:40 p.m.

8.2
High

Description

free5GC is an open-source implementation of the 5G core network. Prior to 4.2.2, PCF Npcf_SMPolicyControl missing authentication middleware allows unauthenticated access to SM policy handlers and disclosure of subscriber SUPI. In NewServer(), the smPolicyGroup route group is created and routes are applied without attaching the router authorization middleware. In contrast, other PCF service groups such as Npcf_PolicyAuthorization do attach RouterAuthorizationCheck before route registration. Because the middleware is missing, requests to the /npcf-smpolicycontrol/v1/sm-policies, /npcf-smpolicycontrol/v1/sm-policies/{smPolicyId}, /npcf-smpolicycontrol/v1/sm-policies/{smPolicyId}/update, and /npcf-smpolicycontrol/v1/sm-policies/{smPolicyId}/delete endpoints can reach business logic even when no valid OAuth token is provided. This vulnerability is fixed in 4.2.2.

Product(s) Impacted

Vendor Product Versions
Free5gc
  • Free5gc
  • *

Weaknesses

Common security weaknesses mapped to this vulnerability.

CWE-862
Missing Authorization
The product does not perform an authorization check when an actor attempts to access a resource or perform an action.

*CPE(s)

Affected systems and software identified for this CVE.

Type Vendor Product Version Update Edition Language Software Edition Target Software Target Hardware Other Information
a free5gc free5gc / / / / / / / /

References

https://github.com/free5gc/free5gc/issues/844
https://github.com/free5gc/free5gc/security/advisories/GHSA-6rgm-gr97-x3j5
https://github.com/free5gc/pcf/commit/8c4d457cdf58bb239ee30e88c56b370b22073964
https://github.com/free5gc/pcf/pull/63
https://github.com/free5gc/free5gc/issues/844
https://github.com/free5gc/free5gc/security/advisories/GHSA-6rgm-gr97-x3j5

Tags

[email protected]
CWE-862
2026-05-27
CVE-2026-42083

CVSS Score

8.2 / 10

CVSS Data - 3.1

  • Attack Vector: NETWORK
  • Attack Complexity: LOW
  • Privileges Required: NONE
  • Scope: UNCHANGED
  • Confidentiality Impact: HIGH
  • Integrity Impact: LOW
  • Availability Impact: NONE

    • CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N

    View Vector String

Timeline

Published: May 27, 2026, 5:16 p.m.
Last Modified: May 28, 2026, 6:40 p.m.

Status : Analyzed

CVE has been recently published to the CVE List and has been received by the NVD.

More info

Source

[email protected]

*Disclaimer: Some vulnerabilities do not have an associated CPE. To enhance the data, we use AI to infer CPEs based on CVE details. This is an automated process and might not always be accurate.