CVE-2023-31289 – Pexip Infinity before version 31.2 has improper... (How to Fix)

Q: What is the severity of CVE-2023-31289?

CVE-2023-31289 has a CVSS score of 7.5 (HIGH). Pexip Infinity before version 31.2 has improper input validation in signaling components, allowing remote attackers to trigger an abort condition. This affects all Pexip Infinity deployments running vulnerable versions, potentially disrupting video conferencing services.

📋 TL;DR

Pexip Infinity before version 31.2 has improper input validation in signaling components, allowing remote attackers to trigger an abort condition. This affects all Pexip Infinity deployments running vulnerable versions, potentially disrupting video conferencing services.

💻 Affected Systems

Products:

Pexip Infinity

Versions: All versions before 31.2

Operating Systems: Pexip Infinity appliance/software

Default Config Vulnerable: ⚠️ Yes

Notes: All standard deployments are vulnerable; no special configuration required for exploitation.

📦 What is this software?

Pexip Infinity by Pexip

View all CVEs affecting Pexip Infinity →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Remote unauthenticated attacker causes service disruption or denial of service, impacting critical video conferencing operations.

🟠

Likely Case

Service interruption leading to dropped calls and degraded conferencing capabilities.

🟢

If Mitigated

Minimal impact with proper network segmentation and updated systems.

🌐 Internet-Facing: HIGH

🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ✅ No

Weaponized: UNKNOWN

Unauthenticated Exploit: ⚠️ Yes

Complexity: LOW

Improper input validation typically allows straightforward exploitation via crafted signaling packets.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 31.2 or later

Vendor Advisory: https://docs.pexip.com/admin/security_bulletins.htm

Restart Required: Yes

Instructions:

1. Backup current configuration. 2. Download Pexip Infinity version 31.2 or later from Pexip support portal. 3. Apply update via management interface. 4. Restart services as prompted.

🔧 Temporary Workarounds

Network segmentation

all

Restrict access to signaling ports to trusted networks only

Rate limiting

all

Implement rate limiting on signaling traffic to reduce impact

🧯 If You Can't Patch

Implement strict network ACLs to limit signaling traffic to trusted sources only
Deploy intrusion prevention systems to detect and block malformed signaling packets

🔍 How to Verify

Check if Vulnerable:

Check Pexip Infinity version via management interface or SSH: show system version

Check Version:

show system version

Verify Fix Applied:

Confirm version is 31.2 or higher and check system logs for stability

📡 Detection & Monitoring

Log Indicators:

Unexpected service restarts
Abnormal signaling errors
Connection resets

Network Indicators:

Unusual signaling packet patterns
Spike in malformed SIP/H.323 packets

SIEM Query:

source="pexip" AND (event="service_restart" OR event="signaling_error")

📊 Metadata

CVE ID: CVE-2023-31289

CVSS v3 Score: 7.5 (HIGH)

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE: CWE-20

Published: December 25, 2023

Last Updated: November 21, 2024

🔗 References

https://docs.pexip.com/admin/security_bulletins.htm Vendor Advisory
https://docs.pexip.com/admin/security_bulletins.htm Vendor Advisory

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2023-31289, you might also want to check these: