CVE-2026-33904 — Vulnetix

Try Vulnetix Request Demo

CVE-2026-33904 PUBLISHED CVSS 6.5 MEDIUM

Ella Core is a 5G core designed for private networks. Prior to version 1.7.0, a deadlock in the AMF's SCTP notification handler causes the entire AMF control plane to hang until the process is restarted. An attacker with access to the N2 interface can cause Ella Core to hang, resulting in a denial of service for all subscribers. Version 1.7.0 adds deferred Radio cleanup in serveConn SCTP server so that every connection exit path removes the radio. Remove the stale-entry scan from SCTP Notification handling.

EPSS 0.01% · 2.0th percentile

Risk Scores

CVSS v3.1

6.5

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

EPSS Score

0.01%

2.0th percentile

Affected Products

Vendor	Product	Versions
ellanetworks	core	< 1.7.0, < 1.7.0, < 1.7.0
github.com	ellanetworks/core	0, 0, 0

Timeline

Mar 26, 2026 CVE Published
Mar 27, 2026 CVE Updated
Mar 27, 2026 Security Advisory
Mar 27, 2026 PoC Published
Mar 28, 2026 EPSS Score

References

Open in Interactive Console →