CVE-2025-20165
Published: 22 January 2025
Description
A vulnerability in the SIP processing subsystem of Cisco BroadWorks could allow an unauthenticated, remote attacker to halt the processing of incoming SIP requests, resulting in a denial of service (DoS) condition. This vulnerability is due to improper memory handling for certain SIP requests. An attacker could exploit this vulnerability by sending a high number of SIP requests to an affected system. A successful exploit could allow the attacker to exhaust the memory that was allocated to the Cisco BroadWorks Network Servers that handle SIP traffic. If no memory is available, the Network Servers can no longer process incoming requests, resulting in a DoS condition that requires manual intervention to recover.
Security Summary
CVE-2025-20165 is a vulnerability in the SIP processing subsystem of Cisco BroadWorks, stemming from improper memory handling for certain SIP requests. This issue affects the Cisco BroadWorks Network Servers responsible for handling SIP traffic. Published on 2025-01-22, it has a CVSS v3.1 base score of 7.5 (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) and is associated with CWE-789.
An unauthenticated, remote attacker could exploit this vulnerability by sending a high number of SIP requests to an affected system. Successful exploitation would exhaust the memory allocated to the Network Servers, preventing them from processing incoming requests and resulting in a denial of service (DoS) condition that requires manual intervention to recover.
Cisco has issued a security advisory detailing the vulnerability at https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-bw-sip-dos-mSySbrmt. Additional references include https://blog.clamav.net/2025/01/clamav-142-and-108-security-patch.html and https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-clamav-ole2-H549rphA. Security practitioners should consult these for mitigation and patch information.
Details
- CWE(s)