CVE-2025-32095
Unknown
Unknown - Not Provided
Denial of Service via Improper Input Validation in Pexip Infinity
Publication date: 2025-12-25
Last updated on: 2025-12-25
Assigner: MITRE
Description
Description
Pexip Infinity before 37.0 has improper input validation in signalling that allows a remote attacker to trigger a software abort via a crafted signalling message, resulting in a denial of service.
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| pexip | infinity | * |
Helpful Resources
Exploitability
CWE
KEV
| CWE ID | Description |
|---|---|
| CWE-617 | The product contains an assert() or similar statement that can be triggered by an attacker, which leads to an application exit or other behavior that is more severe than necessary. |
Attack-Flow Graph
AI Powered Q&A
How can this vulnerability impact me? :
The impact of this vulnerability is a denial of service condition, where the affected software can be forced to stop functioning by a remote attacker without any privileges or user interaction.
Can you explain this vulnerability to me?
This vulnerability in Pexip Infinity before version 37.0 is due to improper input validation in the signalling process. A remote attacker can send a specially crafted signalling message that causes the software to abort, leading to a denial of service.
Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70