CVE-2020-13387 – Pexip Infinity video conferencing platforms bef... (How to Fix)

Q: What is the severity of CVE-2020-13387?

CVE-2020-13387 has a CVSS score of 7.5 (HIGH). Pexip Infinity video conferencing platforms before version 23.4 have insufficient input validation in H.323 protocol handling, allowing attackers to cause temporary denial of service. This affects all organizations running vulnerable versions of Pexip Infinity for video conferencing.

📋 TL;DR

Pexip Infinity video conferencing platforms before version 23.4 have insufficient input validation in H.323 protocol handling, allowing attackers to cause temporary denial of service. This affects all organizations running vulnerable versions of Pexip Infinity for video conferencing.

💻 Affected Systems

Products:

Pexip Infinity

Versions: All versions before 23.4

Operating Systems: Pexip Infinity OS

Default Config Vulnerable: ⚠️ Yes

Notes: Only affects systems with H.323 protocol enabled; SIP and other protocols are not affected.

📦 What is this software?

Pexip Infinity by Pexip

View all CVEs affecting Pexip Infinity →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Attackers could disrupt all video conferencing services by sending malformed H.323 packets, causing system instability and requiring manual intervention to restore service.

🟠

Likely Case

Temporary service disruption affecting video conferences, potentially causing meeting cancellations or interruptions until the system recovers automatically.

🟢

If Mitigated

Minimal impact with proper network segmentation and monitoring; system may experience brief performance degradation but maintains core functionality.

🌐 Internet-Facing: HIGH

🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ✅ No

Weaponized: LIKELY

Unauthenticated Exploit: ⚠️ Yes

Complexity: LOW

Exploitation requires sending specially crafted H.323 packets to vulnerable endpoints; no authentication required.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 23.4 or later

Vendor Advisory: https://docs.pexip.com/admin/security_bulletins.htm

Restart Required: Yes

Instructions:

1. Backup current configuration. 2. Download Pexip Infinity version 23.4 or later from Pexip support portal. 3. Apply the update following Pexip's upgrade documentation. 4. Restart the system. 5. Verify functionality post-upgrade.

🔧 Temporary Workarounds

Disable H.323 Protocol

all

Temporarily disable H.323 protocol if not required for operations

pexip> configuration protocol h323 disable

Network Segmentation

all

Restrict H.323 traffic to trusted sources only using firewall rules

🧯 If You Can't Patch

Implement strict network ACLs to limit H.323 traffic to trusted IP addresses only
Deploy network monitoring and intrusion detection for H.323 protocol anomalies

🔍 How to Verify

Check if Vulnerable:

Check Pexip Infinity version via web admin interface or CLI: pexip> show version

Check Version:

pexip> show version

Verify Fix Applied:

Confirm version is 23.4 or higher and test H.323 connectivity with valid traffic

📡 Detection & Monitoring

Log Indicators:

Multiple H.323 connection failures
System restart events
High CPU/memory usage spikes

Network Indicators:

Unusual H.323 packet patterns
High volume of malformed H.323 packets
Traffic from unexpected sources on H.323 ports (1720, 1719)

SIEM Query:

source="pexip" AND (event_type="connection_failure" OR event_type="system_restart") AND protocol="h323"

📊 Metadata

CVE ID: CVE-2020-13387

CVSS v3 Score: 7.5 (HIGH)

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE: CWE-20

Published: September 25, 2020

Last Updated: November 21, 2024

🔗 References

https://docs.pexip.com/admin/security_bulletins.htm Vendor Advisory
https://www.pexip.com Vendor Advisory
https://docs.pexip.com/admin/security_bulletins.htm Vendor Advisory
https://www.pexip.com Vendor Advisory

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2020-13387, you might also want to check these: