Security Advisory

CVE-2026-30079

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2026-04-07 00:00:00

Last updated 2026-04-09 13:47:21

Assigner mitre

State PUBLISHED

Description

In OpenAirInterface V2.2.0 AMF, Out of sequence messages causes incorrect state transition during UE registration procedure. This allows authentication to be bypassed completely. If a SecurityModeComplete message is sent after InitialUERegistration, a registration reject is received followed by a registration accept! This leads the UE to be registered without proper authentication.

← Browse all CVEs View on cve.org ↗