FreeSWITCH allows remote users to trigger out of bounds write by offering an ICE candidate with unknown component ID
CVE-2023-40018

7.5HIGH

Key Information:

Vendor: signalwire
Status: freeswitch
Vendor: CVE Published:; 15 September 2023

What is CVE-2023-40018?

FreeSWITCH, a Software Defined Telecom Stack, is prone to an out-of-bounds write vulnerability prior to version 1.10.10. This issue arises when remote users submit an Interactive Connectivity Establishment (ICE) candidate with an unknown component ID, resulting in FreeSWITCH making unauthorized writes to its arrays. Exploiting this flaw enables an attacker to corrupt the memory of FreeSWITCH, potentially causing undefined system behavior or a complete crash. The vulnerability has been addressed in version 1.10.10, which includes a patch to safeguard against this exploit.

Affected Version(s)

freeswitch < 1.10.10

References

https://github.com/signalwire/freeswitch/security/advisor...

x_refsource_CONFIRM

https://github.com/signalwire/freeswitch/releases/tag/v1....

x_refsource_MISC

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Sep 15, 2023
Vulnerability Reserved
Aug 8, 2023

CVE-2023-40018 Data

JSON