CVE-2026-37233
Summary
| CVE | CVE-2026-37233 |
|---|---|
| State | PUBLISHED |
| Assigner | mitre |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2026-06-01 19:16:33 UTC |
| Updated | 2026-06-01 19:16:33 UTC |
| Description | FlexRIC v2.0.0 contains an authorization bypass in the iApp's xApp isolation mechanism. The equality function eq_xapp_ric_gen_id() in src/ric/iApp/xapp_ric_id.c compares m0->xapp_id against itself (m0->xapp_id) instead of the other argument (m1->xapp_id), effectively ignoring the xApp identity dimension. A malicious xApp connected to the iApp (port 36422) can delete any other xApp's subscriptions by sending an E42_RIC_SUBSCRIPTION_DELETE_REQUEST with a matching ric_gen_id. This breaks multi-tenant isolation in any deployment with multiple xApps sharing the same RIC. |
Risk And Classification
Problem Types: n/a
Vendor Declared Affected Products
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| gitlab.eurecom.fr/mosaic5g/flexric | [email protected] | gitlab.eurecom.fr | |
| github.com/MinamiKotor1/oran-security-advisories-zhongnan-luo/blob/main/... | [email protected] | github.com | |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.