CVE-2025-57767
Unknown Unknown - Not Provided
BaseFortify

Publication date: 2025-08-28

Last updated on: 2025-10-20

Assigner: GitHub, Inc.

Description
Asterisk is an open source private branch exchange and telephony toolkit. Prior to versions 20.15.2, 21.10.2, and 22.5.2, if a SIP request is received with an Authorization header that contains a realm that wasn't in a previous 401 response's WWW-Authenticate header, or an Authorization header with an incorrect realm was received without a previous 401 response being sent, the get_authorization_header() function in res_pjsip_authenticator_digest will return a NULL. This wasn't being checked before attempting to get the digest algorithm from the header which causes a SEGV. This issue has been patched in versions 20.15.2, 21.10.2, and 22.5.2. There are no workarounds.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-08-28
Last Modified
2025-10-20
Generated
2026-06-16
AI Q&A
2025-08-28
EPSS Evaluated
2026-06-14
NVD
CVE-2025-57767
EUVD
EUVD-2025-26117
Affected Vendors & Products
Showing 3 associated CPEs
Vendor Product Version / Range
sangoma asterisk to 20.15.2 (exc)
sangoma asterisk From 21.0.0 (inc) to 21.10.2 (exc)
sangoma asterisk From 22.0.0 (inc) to 22.5.2 (exc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-253 The product incorrectly checks a return value from a function, which prevents it from detecting errors or exceptional conditions.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

CVE-2025-57767 is a vulnerability in the Asterisk telephony software where a specially malformed SIP Authorization header causes a function to return NULL. The software does not check this NULL return before trying to access the digest algorithm, leading to a segmentation fault (crash) of the Asterisk service. This happens when the Authorization header contains a realm not previously challenged or is incorrect without a prior challenge. The issue is due to improper handling of function return values and can be triggered remotely without privileges or user interaction. [1, 2, 3]

Impact Analysis

This vulnerability can cause the Asterisk telephony system to crash (segmentation fault) when it receives a malformed SIP Authorization header. This crash results in denial of service, disrupting telephony services and potentially causing downtime or loss of communication until the service is restarted or patched. Since no privileges or user interaction are required, an attacker can exploit this remotely over the network with low complexity. [1, 2, 3]

Detection Guidance

This vulnerability can be detected by monitoring for crashes or segmentation faults (SEGV) in the Asterisk telephony software, particularly related to SIP requests with malformed Authorization headers. Specifically, look for SIP requests where the Authorization header contains a realm not present in a prior 401 response's WWW-Authenticate header or where an Authorization header with an incorrect realm is received without a preceding 401 response. Network packet capture tools like tcpdump or Wireshark can be used to capture SIP traffic and filter for Authorization headers with unexpected realms. For example, you can use tcpdump to capture SIP traffic: `tcpdump -i <interface> -s 0 -w sip_traffic.pcap port 5060` and then analyze the capture for malformed Authorization headers. Additionally, check Asterisk logs for segmentation faults or crash messages related to authentication. There are no specific built-in commands mentioned to detect this vulnerability automatically. [1, 3]

Mitigation Strategies

The immediate mitigation step is to upgrade Asterisk to a patched version where this vulnerability is fixed. The patched versions are 20.15.2, 21.10.2, and 22.5.2 or later. There are no known workarounds. Applying the patch prevents the segmentation fault by adding checks for NULL Authorization headers and invalid realms, thus avoiding crashes. Until the upgrade is applied, monitor for suspicious SIP requests and consider restricting or filtering malformed SIP traffic if possible. [1, 2, 3]

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2025-57767. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart