CVE-2024-34036

CVSS 3.1 Score 4.3 of 10 (medium)

Details

Published Feb 25, 2025

CWE ID 400

CWE ID 617

Summary

CVE-2024-34036 is a newly identified vulnerability affecting the O-RAN Near Realtime RIC I-Release. The issue allows an attacker to disrupt the initial connection between a gNB (gNodeB) and the Near RT-RIC (Real-Time Resource Interator Function) by overwhelming the system with an excessive number of subscription requests via an xApp (external application). This can potentially result in service disruptions and impact network performance. Attackers may leverage this vulnerability to gain unauthorized access or cause denial-of-service (DoS) attacks. It is essential for organizations using the O-RAN Near Realtime RIC I-Release to apply the necessary patches to mitigate this risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share

Advisories, Assessments, and Mitigations

Back to Vulnerability Database