Origin-Validation Error in Sipwise RTP Engine Allows Media Stream Interception
CVE-2025-53399

6.9 MEDIUM

Key Information:

Vendor: Sipwise

Status
Vendor
CVE Published: 1 August 2025

What is CVE-2025-53399?

In Sipwise RTP Engine prior to version 13.4.1.1, an origin-validation flaw in the endpoint-learning logic allows attackers to inject or intercept RTP/SRTP media streams. This can have severe consequences unless the relay is configured with strict settings and learning is disabled. Version 13.4.1.1 addresses the issue by limiting exposure to the first five packets and by introducing a recrypt flag, which prevents SRTP attacks when both of these measures are applied.

Affected Version(s)

rtpengine 0 < 13.4.1.1

CVSS V4

Score: 6.9
Severity: MEDIUM
Confidentiality: None
Integrity: None
Availability: Low
Attack Vector: Network
Attack Complexity: Low
Attack Required: None
Privileges Required: Undefined
User Interaction: None

Timeline

  • Vulnerability published

  • Vulnerability Reserved
