CVE-2023-40018

Published: Sep 15, 2023

Modified: Sep 25, 2024

PUBLISHED

CVSS v3.1

7.5

HIGH

Description

FreeSWITCH is a Software Defined Telecom Stack enabling the digital transformation from proprietary telecom switches to a software implementation that runs on any commodity hardware. Prior to version 1.10.10, FreeSWITCH allows remote users to trigger out of bounds write by offering an ICE candidate with unknown component ID. When an SDP is offered with any ICE candidates with an unknown component ID, FreeSWITCH will make an out of bounds write to its arrays. By abusing this vulnerability, an attacker is able to corrupt FreeSWITCH memory leading to an undefined behavior of the system or a crash of it. Version 1.10.10 contains a patch for this issue.

Vendor	Product	Versions
signalwire	freeswitch	affected `< 1.10.10`

Weaknesses (CWE)

CWE-787

CVSS v3.1 Details

CVSS v3.1 Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

None

Integrity

None

Availability

High

References

https://github.com/signalwire/freeswitch/security/advisories/GHSA-7mwp-86fv-hcg3

x_refsource_CONFIRM

https://github.com/signalwire/freeswitch/releases/tag/v1.10.10

x_refsource_MISC

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2023-40018

Description

Affected Products

Weaknesses (CWE)

CVSS v3.1 Details

References