Evaluation and Optimization of Automated 5G Vulnerabilities Classification

Pierpaolo Bene

Supervisors: Nicolò Maunero, Andrea Bernardini, Leonardo Sagratella. Politecnico di Torino, not specified, 2025

PDF (Tesi_di_laurea) - Thesis
License: Creative Commons Attribution Non-commercial No Derivatives.

Abstract:

As 5G networks continue to expand into critical sectors such as healthcare, energy, and transportation, the need for robust security measures is becoming crucial. At the same time, the volume of reported vulnerabilities has grown rapidly in the last few years, increasing from around 25,000 in 2022 to projections of up to 50,000 new CVEs (Common Vulnerabilities and Exposures) in 2025. In this evolving landscape, it is essential to rapidly identify the vulnerabilities that affect the 5G infrastructure. However, traditional methods such as keyword filtering and manual review are slow and error-prone, making it increasingly difficult to cope with the continuous influx of newly reported vulnerabilities. To address this problem, the study proposes a methodology to automate the classification of CVEs affecting the 5G infrastructure, making it capable of keeping up with the growing volume of vulnerabilities while preserving reliability. Experiments are conducted on a manually annotated dataset to evaluate the performance of both state-of-the-art open-source LLMs, including Qwen, Gemma, and Llama, and transformer-based models combined with traditional machine learning classifiers such as logistic regression, SVM, and XGBoost. Preliminary evidence shows that SVM achieves strong accuracy while being highly efficient in terms of computational costs. However, the findings suggest that LLM-based approaches generalize better to previously unseen CVEs and also provide explicit reasoning that supports the manual validation process. In particular, lightweight local LLMs (around 4 billion parameters) reach accuracy levels comparable to much larger models, and can be further improved with prompt engineering and fine-tuning, surpassing more resource-intensive models.
Notably, the fine-tuned LLMs emerge as the most effective configuration, allowing local execution of the pipeline on limited-resource machines while preserving data privacy, maintaining high accuracy, and offering detailed reasoning that supports manual validation. The proposed approach is directly applicable to real-world security operations, where timely and reliable vulnerability assessment is crucial. Over time, the process could be refined to reduce the need for human validation, and can be easily extended to other critical sectors, broadening its impact beyond the 5G-specific use case.

Supervisors: Nicolò Maunero, Andrea Bernardini, Leonardo Sagratella
Academic year: 2025/26
Publication type: Electronic
Number of pages: 86
Subjects:
Degree programme: Not specified
Degree class: New system > Master's degree (Laurea magistrale) > LM-32 - COMPUTER ENGINEERING
Collaborating companies: FONDAZIONE UGO BORDONI
URI: http://webthesis.biblio.polito.it/id/eprint/37644