PatchSiren cyber security CVE debrief
CVE-2026-14623 omec-project CVE debrief
CVE-2026-14623 is a vulnerability in omec-project amf up to 2.1.1. The issue affects the RRCInactiveTransitionReport function in the NGAP Message Handler component. This vulnerability can lead to denial of service and may be exploited remotely. The exploit has been publicly disclosed. A patch, 34bc6724acc97dba1f8691e586da95b042cb612d, is available to remediate this issue.
- Vendor
- omec-project
- Product
- amf
- CVSS
- LOW 2.1
- CISA KEV
- Not listed in stored evidence
- Original CVE published
- 2026-07-04
- Original CVE updated
- 2026-07-04
- Advisory published
- 2026-07-04
- Advisory updated
- 2026-07-04
Who should care
Defenders of networks utilizing omec-project amf up to 2.1.1 should prioritize patching this vulnerability to prevent potential denial of service attacks. Given the low CVSS score of 2.1, it may not be a high priority, but it should still be addressed in a timely manner as part of regular maintenance.
Technical summary
The vulnerability CVE-2026-14623 exists in the omec-project amf up to version 2.1.1. It is located in the RRCInactiveTransitionReport function of the NGAP Message Handler component. This issue can be exploited remotely to cause a denial of service. The Common Vulnerability Scoring System (CVSS) score is 2.1, indicating a low severity. The vulnerability has been publicly disclosed and a patch is available.
Defensive priority
This vulnerability has a low CVSS score of 2.1, indicating a low severity. However, defenders should still prioritize patching to prevent potential denial of service attacks.
Recommended defensive actions
- Apply the patch 34bc6724acc97dba1f8691e586da95b042cb612d to remediate the vulnerability.
- Review and update inventory of affected omec-project amf instances.
- Monitor for potential denial of service attacks.
- Consider compensating controls if patching is not immediately feasible.
- Track vendor remediation workflow for additional information.
Evidence notes
The CVE-2026-14623 vulnerability was determined in omec-project amf up to 2.1.1. The issue affects the function RRCInactiveTransitionReport of the component NGAP Message Handler. The attack may be performed from remote and can lead to denial of service. The exploit has been publicly disclosed.
Official resources
This article is AI-assisted and based on the supplied source corpus.