CVE-2023-37034

Published: Jan 21, 2025

Modified: Mar 24, 2025

PUBLISHED

Description

A Null pointer dereference vulnerability in the Mobile Management Entity (MME) in Magma <= 1.8.0 (fixed in v1.9 commit 08472ba98b8321f802e95f5622fa90fec2dea486) allows network-adjacent attackers to crash the MME via an S1AP `Initial UE Message` packet missing an expected `TAI` field.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://cellularsecurity.org/ransacked

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2023-37034

Description

Affected Products

References