CVE-2025-57767
BaseFortify
Publication date: 2025-08-28
Last updated on: 2025-10-20
Assigner: GitHub, Inc.
Description
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| sangoma | asterisk | Up to 20.15.2 (exc) |
| sangoma | asterisk | From 21.0.0 (inc) to 21.10.2 (exc) |
| sangoma | asterisk | From 22.0.0 (inc) to 22.5.2 (exc) |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-253 | The product incorrectly checks a return value from a function, which prevents it from detecting errors or exceptional conditions. |
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2025-57767 is a vulnerability in the Asterisk telephony software where a specially malformed SIP Authorization header causes a function to return NULL. The software does not check this NULL return before trying to access the digest algorithm, leading to a segmentation fault (crash) of the Asterisk service. This happens when the Authorization header contains a realm not previously challenged or is incorrect without a prior challenge. The issue is due to improper handling of function return values and can be triggered remotely without privileges or user interaction. [1, 2, 3]
How can this vulnerability impact me?
This vulnerability can cause the Asterisk telephony system to crash (segmentation fault) when it receives a malformed SIP Authorization header. This crash results in denial of service, disrupting telephony services and potentially causing downtime or loss of communication until the service is restarted or patched. Since no privileges or user interaction are required, an attacker can exploit this remotely over the network with low complexity. [1, 2, 3]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability can be detected by monitoring for crashes or segmentation faults (SEGV) in the Asterisk telephony software, particularly related to SIP requests with malformed Authorization headers. Specifically, look for SIP requests where the Authorization header contains a realm not present in a prior 401 response's WWW-Authenticate header or where an Authorization header with an incorrect realm is received without a preceding 401 response. Network packet capture tools like tcpdump or Wireshark can be used to capture SIP traffic and filter for Authorization headers with unexpected realms. For example, you can use tcpdump to capture SIP traffic: `tcpdump -i <interface> -s 0 -w sip_traffic.pcap port 5060` and then analyze the capture for malformed Authorization headers. Additionally, check Asterisk logs for segmentation faults or crash messages related to authentication. There are no specific built-in commands mentioned to detect this vulnerability automatically. [1, 3]
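The realm check described above, as an added example that is not part of this page or of the Asterisk project: it walks a sequence of SIP messages, records the realms offered in each 401 WWW-Authenticate challenge, and flags Authorization headers whose realm was never challenged (or that arrive with no prior challenge). It assumes CRLF-delimited messages and that a response belongs to the challenge with the same Call-ID; the sample traffic is constructed.

```python
import re

# Constructed sample SIP exchange (not captured traffic): a 401 challenge,
# a legitimate response to it, a response naming a realm that was never
# challenged, and a request that was never challenged at all.
SAMPLE_MESSAGES = [
    "SIP/2.0 401 Unauthorized\r\nCall-ID: a1\r\n"
    "WWW-Authenticate: Digest realm=\"asterisk\", nonce=\"abc\"\r\n\r\n",
    "REGISTER sip:pbx.example SIP/2.0\r\nCall-ID: a1\r\n"
    "Authorization: Digest username=\"100\", realm=\"asterisk\", nonce=\"abc\"\r\n\r\n",
    "REGISTER sip:pbx.example SIP/2.0\r\nCall-ID: a1\r\n"
    "Authorization: Digest username=\"100\", realm=\"other\", nonce=\"abc\"\r\n\r\n",
    "REGISTER sip:pbx.example SIP/2.0\r\nCall-ID: b2\r\n"
    "Authorization: Digest username=\"100\", realm=\"asterisk\", nonce=\"xyz\"\r\n\r\n",
]

def parse_sip(raw):
    """Split a SIP message into its start line and a header dict (keys lower-cased)."""
    head = raw.split("\r\n\r\n", 1)[0]
    lines = head.split("\r\n")
    headers = {}
    for line in lines[1:]:
        name, _, value = line.partition(":")
        headers[name.strip().lower()] = value.strip()
    return lines[0], headers

def realm_of(value):
    """Return the realm parameter of a Digest header value, or None if it is absent."""
    m = re.search(r'realm\s*=\s*"([^"]*)"', value, re.IGNORECASE)
    return m.group(1) if m else None

def find_unchallenged_realms(messages):
    """Flag Authorization headers whose realm was not offered in a prior 401 on the same Call-ID."""
    challenged = {}  # Call-ID -> set of realms offered in WWW-Authenticate
    findings = []
    for raw in messages:
        start, hdrs = parse_sip(raw)
        call_id = hdrs.get("call-id", "")
        if start.startswith("SIP/2.0 401") and "www-authenticate" in hdrs:
            realm = realm_of(hdrs["www-authenticate"])
            if realm is not None:
                challenged.setdefault(call_id, set()).add(realm)
        elif "authorization" in hdrs:
            realm = realm_of(hdrs["authorization"])
            if call_id not in challenged:
                findings.append((call_id, realm, "no prior 401 challenge"))
            elif realm not in challenged[call_id]:
                findings.append((call_id, realm, "realm not in prior challenge"))
    return findings
```

Feed it the messages decoded from a capture such as the `sip_traffic.pcap` above; each finding names the Call-ID, the offending realm and why it was flagged.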
What immediate steps should I take to mitigate this vulnerability?
The immediate mitigation step is to upgrade Asterisk to a patched version where this vulnerability is fixed. The patched versions are 20.15.2, 21.10.2, and 22.5.2 or later. There are no known workarounds. Applying the patch prevents the segmentation fault by adding checks for NULL Authorization headers and invalid realms, thus avoiding crashes. Until the upgrade is applied, monitor for suspicious SIP requests and consider restricting or filtering malformed SIP traffic if possible. [1, 2, 3]