Improper Handling of Syntactically Invalid Structure

CVE-2025-59174

High

7.1/10

Summary

Ericsson Packet Core Controller (PCC) versions prior to 1.39 contain a vulnerability where an attacker sending a large volume of specially crafted messages may cause service degradation.

Attack Complexity: LOW
Attack Vector: ADJACENT_NETWORK
Integrity Impact: NONE
Scope: UNCHANGED
User Interaction: NONE
Privileges Required: NONE
Confidentiality Impact: NONE
Availability Impact: HIGH

CWE-228 - Improper Handling of Syntactically Invalid Structure

The product does not handle or incorrectly handles input that is not syntactically well-formed with respect to the associated specification.

References

Advisory Timeline

Published Jun 05, 2026

Improper Handling of Syntactically Invalid Structure

CVE-2025-59174

Summary

CWE-228 - Improper Handling of Syntactically Invalid Structure

References

Advisory Timeline

ChainJacking

JetBrains IDE

KICS SaaS