Multiple vulnerabilities in PJSIP
| Risk | High |
| Patch available | YES |
| Number of vulnerabilities | 5 |
| CVE-ID | CVE-2021-43299 CVE-2021-43300 CVE-2021-43301 CVE-2021-43302 CVE-2021-43303 |
| CWE-ID | CWE-121 CWE-125 CWE-119 |
| Exploitation vector | Network |
| Public exploit | N/A |
| Vulnerable software |
pjsip Universal components / Libraries / Libraries used by multiple products |
| Vendor | pjsip |
Security Bulletin
This security bulletin contains information about 5 vulnerabilities.
1) Stack-based buffer overflow
EUVDB-ID: #VU60951
Risk: High
CVSSv4.0: 8.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2021-43299
CWE-ID:
CWE-121 - Stack-based buffer overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error in PJSUA API when calling pjsua_player_create. A remote unauthenticated attacker can trigger stack-based buffer overflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall updates from vendor's website.
Vulnerable software versionspjsip: 0.5.0.1 - 2.11.1
CPE2.3- cpe:2.3:a:pjsip:pjsip:0.5.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:pjsip:pjsip:0.5.2:*:*:*:*:*:*:*
- cpe:2.3:a:pjsip:pjsip:0.5.3:*:*:*:*:*:*:*
https://github.com/pjsip/pjproject/security/advisories/GHSA-qcvw-h34v-c7r9
https://jfrog.com/blog/jfrog-discloses-5-memory-corruption-vulnerabilities-in-pjsip-a-popular-multimedia-library/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Stack-based buffer overflow
EUVDB-ID: #VU60953
Risk: High
CVSSv4.0: 8.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2021-43300
CWE-ID:
CWE-121 - Stack-based buffer overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error in PJSUA API when calling pjsua_recorder_create. A remote unauthenticated attacker can trigger stack-based buffer overflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall updates from vendor's website.
Vulnerable software versionspjsip: 0.5.0.1 - 2.11.1
CPE2.3- cpe:2.3:a:pjsip:pjsip:0.5.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:pjsip:pjsip:0.5.2:*:*:*:*:*:*:*
- cpe:2.3:a:pjsip:pjsip:0.5.3:*:*:*:*:*:*:*
https://github.com/pjsip/pjproject/security/advisories/GHSA-qcvw-h34v-c7r9
https://jfrog.com/blog/jfrog-discloses-5-memory-corruption-vulnerabilities-in-pjsip-a-popular-multimedia-library/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
3) Stack-based buffer overflow
EUVDB-ID: #VU60954
Risk: High
CVSSv4.0: 8.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2021-43301
CWE-ID:
CWE-121 - Stack-based buffer overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error in PJSUA API when calling pjsua_playlist_create. A remote unauthenticated attacker can trigger stack-based buffer overflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall updates from vendor's website.
Vulnerable software versionspjsip: 0.5.0.1 - 2.11.1
CPE2.3- cpe:2.3:a:pjsip:pjsip:0.5.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:pjsip:pjsip:0.5.2:*:*:*:*:*:*:*
- cpe:2.3:a:pjsip:pjsip:0.5.3:*:*:*:*:*:*:*
https://github.com/pjsip/pjproject/security/advisories/GHSA-qcvw-h34v-c7r9
https://jfrog.com/blog/jfrog-discloses-5-memory-corruption-vulnerabilities-in-pjsip-a-popular-multimedia-library/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
4) Out-of-bounds read
EUVDB-ID: #VU60955
Risk: Medium
CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2021-43302
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a boundary condition in PJSUA API when calling pjsua_recorder_create. A remote attacker can trigger out-of-bounds read error and cause a denial of service condition on the system.
MitigationInstall updates from vendor's website.
Vulnerable software versionspjsip: 0.5.0.1 - 2.11.1
CPE2.3- cpe:2.3:a:pjsip:pjsip:0.5.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:pjsip:pjsip:0.5.2:*:*:*:*:*:*:*
- cpe:2.3:a:pjsip:pjsip:0.5.3:*:*:*:*:*:*:*
https://github.com/pjsip/pjproject/security/advisories/GHSA-qcvw-h34v-c7r9
https://jfrog.com/blog/jfrog-discloses-5-memory-corruption-vulnerabilities-in-pjsip-a-popular-multimedia-library/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
5) Buffer overflow
EUVDB-ID: #VU60956
Risk: High
CVSSv4.0: 8.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2021-43303
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error in PJSUA API when calling pjsua_call_dump. A remote attacker can trigger memory corruption and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall updates from vendor's website.
Vulnerable software versionspjsip: 0.5.0.1 - 2.11.1
CPE2.3- cpe:2.3:a:pjsip:pjsip:0.5.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:pjsip:pjsip:0.5.2:*:*:*:*:*:*:*
- cpe:2.3:a:pjsip:pjsip:0.5.3:*:*:*:*:*:*:*
https://github.com/pjsip/pjproject/security/advisories/GHSA-qcvw-h34v-c7r9
https://jfrog.com/blog/jfrog-discloses-5-memory-corruption-vulnerabilities-in-pjsip-a-popular-multimedia-library/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
