PatchSiren

PatchSiren cyber security CVE debrief

CVE-2026-14623 omec-project CVE debrief

CVE-2026-14623 is a vulnerability in omec-project amf up to 2.1.1. The issue affects the RRCInactiveTransitionReport function in the NGAP Message Handler component. This vulnerability can lead to denial of service and may be exploited remotely. The exploit has been publicly disclosed. A patch, 34bc6724acc97dba1f8691e586da95b042cb612d, is available to remediate this issue.

Vendor
omec-project
Product
amf
CVSS
LOW 2.1
CISA KEV
Not listed in stored evidence
Original CVE published
2026-07-04
Original CVE updated
2026-07-04
Advisory published
2026-07-04
Advisory updated
2026-07-04

Who should care

Defenders of networks utilizing omec-project amf up to 2.1.1 should prioritize patching this vulnerability to prevent potential denial of service attacks. Given the low CVSS score of 2.1, it may not be a high priority, but it should still be addressed in a timely manner as part of regular maintenance.

Technical summary

The vulnerability CVE-2026-14623 exists in the omec-project amf up to version 2.1.1. It is located in the RRCInactiveTransitionReport function of the NGAP Message Handler component. This issue can be exploited remotely to cause a denial of service. The Common Vulnerability Scoring System (CVSS) score is 2.1, indicating a low severity. The vulnerability has been publicly disclosed and a patch is available.

Defensive priority

This vulnerability has a low CVSS score of 2.1, indicating a low severity. However, defenders should still prioritize patching to prevent potential denial of service attacks.

Recommended defensive actions

  • Apply the patch 34bc6724acc97dba1f8691e586da95b042cb612d to remediate the vulnerability.
  • Review and update inventory of affected omec-project amf instances.
  • Monitor for potential denial of service attacks.
  • Consider compensating controls if patching is not immediately feasible.
  • Track vendor remediation workflow for additional information.

Evidence notes

The CVE-2026-14623 vulnerability was determined in omec-project amf up to 2.1.1. The issue affects the function RRCInactiveTransitionReport of the component NGAP Message Handler. The attack may be performed from remote and can lead to denial of service. The exploit has been publicly disclosed.

Official resources

This article is AI-assisted and based on the supplied source corpus.