CVE-2025-32095 – CVE-2025-32095 is an improper input validation ... (How to Fix)

Q: What is the severity of CVE-2025-32095?

CVE-2025-32095 has a CVSS score of 7.5 (HIGH). CVE-2025-32095 is an improper input validation vulnerability in Pexip Infinity's signaling component that allows remote attackers to trigger a software abort via crafted signaling messages, causing denial of service. This affects all Pexip Infinity deployments before version 37.0, potentially disrupting video conferencing services.

📋 TL;DR

CVE-2025-32095 is an improper input validation vulnerability in Pexip Infinity's signaling component that allows remote attackers to trigger a software abort via crafted signaling messages, causing denial of service. This affects all Pexip Infinity deployments before version 37.0, potentially disrupting video conferencing services.

💻 Affected Systems

Products:

Pexip Infinity

Versions: All versions before 37.0

Operating Systems: Pexip's proprietary OS

Default Config Vulnerable: ⚠️ Yes

Notes: All standard deployments with signaling enabled are vulnerable. No special configuration required.

📦 What is this software?

Pexip Infinity by Pexip

View all CVEs affecting Pexip Infinity →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Complete service disruption of Pexip Infinity platform, rendering all video conferencing capabilities unavailable until manual restart or failover.

🟠

Likely Case

Partial or complete service interruption affecting active meetings, requiring system restart and causing meeting downtime.

🟢

If Mitigated

Minimal impact with proper network segmentation and monitoring allowing quick detection and response.

🌐 Internet-Facing: HIGH - Signaling components are typically internet-facing for external participant connectivity.

🏢 Internal Only: MEDIUM - Internal attackers could still exploit if they have network access to signaling ports.

🎯 Exploit Status

Public PoC: ✅ No

Weaponized: UNKNOWN

Unauthenticated Exploit: ⚠️ Yes

Complexity: LOW

Crafted signaling messages can be sent without authentication. The vulnerability is in the core signaling protocol handling.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 37.0 or later

Vendor Advisory: https://docs.pexip.com/admin/security_bulletins.htm

Restart Required: Yes

Instructions:

1. Backup current configuration. 2. Download Pexip Infinity 37.0+ from Pexip support portal. 3. Apply update via Management Node web interface or CLI. 4. Restart all nodes. 5. Verify service restoration.

🔧 Temporary Workarounds

Network Segmentation

all

Restrict access to signaling ports (typically TCP 443, 3478, 5349) to trusted networks only.

Rate Limiting

all

Implement rate limiting on signaling traffic to reduce impact of potential DoS attempts.

🧯 If You Can't Patch

Implement strict network ACLs to limit signaling traffic to trusted sources only.
Deploy WAF or IPS with rules to detect abnormal signaling patterns and block malicious traffic.

🔍 How to Verify

Check if Vulnerable:

Check Pexip Infinity version via Management Node web interface (Admin > System > About) or CLI command 'pexip --version'.

Check Version:

pexip --version

Verify Fix Applied:

Confirm version is 37.0 or higher and monitor for abnormal service aborts in system logs.

📡 Detection & Monitoring

Log Indicators:

Unexpected service aborts
Signaling process crashes
High error rates in signaling logs
Abnormal termination messages in systemd/journalctl

Network Indicators:

Unusual signaling message patterns
Spike in malformed SIP/H.323 packets
Traffic from unexpected sources to signaling ports

SIEM Query:

source="pexip" AND ("abort" OR "crash" OR "segmentation fault") AND process="signaling"

📊 Metadata

CVE ID: CVE-2025-32095

CVSS v3 Score: 7.5 (HIGH)

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE: CWE-617

EPSS Score: 0.04% exploit probability (13.4th percentile)

Published: December 25, 2025

Last Updated: January 5, 2026

🔗 References

https://docs.pexip.com/admin/security_bulletins.htm Vendor Advisory

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2025-32095, you might also want to check these: