Cybersecurity scientists on Tuesday disclosed facts about a zero-click security vulnerability in Linphone Session Initiation Protocol (SIP) stack that could be remotely exploited without the need of any motion from a target to crash the SIP client and bring about a denial-of-provider (DoS) affliction.
Tracked as CVE-2021-33056 (CVSS rating: 7.5), the issue issues a NULL pointer dereference vulnerability in the “belle-sip” component, a C-language library used to carry out SIP transport, transaction, and dialog layers, with all variations prior to 4.5.20 influenced by the flaw. The weak spot was learned and claimed by industrial cybersecurity business Claroty.
Linphone is an open up-resource and cross-system SIP client with guidance for voice and movie calls, conclude-to-end encrypted messaging, and audio meeting phone calls, among other folks. SIP, on the other hand, is a signaling protocol applied for initiating, protecting, and terminating actual-time multimedia interaction classes for voice, video clip, and messaging purposes more than the internet.
To that conclusion, the remotely exploitable vulnerability can be activated by incorporating a malicious forward slash (“
“The underlying bug here is that non-SIP URIs are accepted as valid SIP header values,” Claroty researcher Sharon Brizinov said in a write-up. “Therefore, a generic URI such as a simple single forward slash will be considered a SIP URI. This means that the given URI will not contain a valid SIP scheme (scheme will be NULL), and so when the [string] compare function is called with the non-existent scheme (NULL), a null pointer dereference will be triggered and crash the SIP client.”
It’s worth noting that the flaw is also a zero-click vulnerability as it’s possible to cause the SIP client to crash simply by sending an INVITE SIP request with a specially-crafted From/To/Diversion header. As a consequence, any application that uses belle-sip to analyze SIP messages will be rendered unavailable upon receiving a malicious SIP “call.”
Although the patches are available for the core protocol stack, it’s essential that the updates are applied downstream by vendors that rely on the affected SIP stack in their products.
“Successful exploits targeting IoT vulnerabilities have demonstrated they can provide an effective foothold onto enterprise networks,” Brizinov said. “A flaw in a foundational protocol such as the SIP stack in VoIP phones and applications can be especially troublesome given the scale and reach shown by attacks in opposition to numerous other 3rd-party components utilized by developers in computer software jobs.”
Discovered this report exciting? Adhere to THN on Facebook, Twitter and LinkedIn to study extra distinctive written content we write-up.
Some pieces of this report are sourced from: