216.73.217.64

CVE-2025-49088

· Published 25/12/2025 05:16 · Modified 25/12/2025 05:16

Labels: CVE-2025-49088 2025-12-25CVE-2025-49088CWE-617[email protected]

Essential information

Published
25/12/2025 05:16
Modified
25/12/2025 05:16
Author
Creator
CVSS
5.9 MEDIUM (v3.1)
CISA KEV
No
CWE
CVSS vector
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

CVSS metrics

Description

Pexip Infinity 32.0 through 37.1 before 37.2, in certain configurations of OTJ (One Touch Join) for Teams SIP Guest Join, has Improper Input Validation in the OTJ service, allowing a remote attacker to trigger a software abort via a crafted calendar invite, leading to a denial of service.

NVD status

Status
Received — CVE has been recently published to the CVE List and has been received by the NVD.
Source
[email protected]
NVD
View on NVD

Affected products (CPE)

ProductCPE
pexip / pexip infinity cpe:2.3:a:pexip:pexip_infinity:32.0-37.1:*:*:*:*:*:*:*
pexip / pexip infinity cpe:2.3:a:pexip:pexip_infinity:<37.2:*:*:*:*:*:*:*

References