CVE-2025-66378
📋 TL;DR
Pexip Infinity versions 38.0 and 38.1 have an insufficient access control vulnerability in their RTMP implementation. This allows attackers to disconnect RTMP streams passing through Proxy Nodes, potentially disrupting video conferencing sessions. Organizations using affected Pexip Infinity versions with RTMP streams via Proxy Nodes are vulnerable.
💻 Affected Systems
- Pexip Infinity
⚠️ Risk & Real-World Impact
Worst Case
Attackers could disrupt critical video conferences, meetings, or live streams by disconnecting RTMP streams, causing service disruption and business impact.
Likely Case
Attackers disrupt RTMP streams in video conferences, causing temporary service interruptions and degraded user experience.
If Mitigated
With proper network segmentation and access controls, impact is limited to isolated network segments with minimal business disruption.
🎯 Exploit Status
The vulnerability involves insufficient access control, suggesting relatively straightforward exploitation if RTMP endpoints are accessible.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: 39.0
Vendor Advisory: https://docs.pexip.com/admin/security_bulletins.htm
Restart Required: Yes
Instructions:
1. Back up the current configuration.
2. Download Pexip Infinity 39.0 from official sources.
3. Follow the Pexip upgrade documentation for your deployment type.
4. Apply the update.
5. Verify functionality post-upgrade.
🔧 Temporary Workarounds
Disable RTMP on Proxy Nodes
All platforms: Temporarily disable RTMP streaming through Proxy Nodes to prevent exploitation
Configure Proxy Nodes to reject RTMP connections via management interface
Network Segmentation
All platforms: Restrict network access to Proxy Node RTMP endpoints
Implement firewall rules to limit RTMP access to trusted sources only
🧯 If You Can't Patch
- Implement strict network access controls to limit RTMP traffic to Proxy Nodes
- Monitor RTMP connections for unauthorized disconnection attempts
🔍 How to Verify
Check if Vulnerable:
Check the Pexip Infinity version via the management interface. If the version is 38.0 or 38.1 and RTMP is configured on Proxy Nodes, the system is vulnerable.
Check Version:
Check via Pexip Management Node web interface or API
Verify Fix Applied:
Verify that the version is 39.0 or later via the management interface, and test RTMP stream functionality through Proxy Nodes.
📡 Detection & Monitoring
Log Indicators:
- Unexpected RTMP stream disconnections
- Unauthorized access attempts to Proxy Node RTMP endpoints
Network Indicators:
- Unusual RTMP traffic patterns to Proxy Nodes
- RTMP disconnect commands from untrusted sources
SIEM Query:
Search for RTMP disconnect events from non-standard sources in Proxy Node logs
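The search described above can also be run over exported logs. The following is an added example, not Pexip's or this page's own code: the key=value log layout, the field names, the trusted networks and the sample lines are all constructed assumptions, so the regular expression must be adapted to the actual Proxy Node log format.

```python
import ipaddress
import re
from collections import Counter

# Assumption: networks allowed to originate RTMP sessions (documentation ranges).
TRUSTED_SOURCES = [ipaddress.ip_network(n) for n in ("192.0.2.0/24", "10.20.0.0/16")]

# Assumption: hypothetical key=value log layout, NOT Pexip's real log format.
LINE_RE = re.compile(
    r"^(?P<ts>\S+) node=(?P<node>\S+) proto=rtmp event=(?P<event>\S+) "
    r"src=(?P<src>\S+) stream=(?P<stream>\S+)$"
)

# Constructed sample log lines for this example.
SAMPLE_LOG = """\
2025-01-10T09:00:01Z node=proxy-1 proto=rtmp event=connect src=192.0.2.15 stream=s-100
2025-01-10T09:05:12Z node=proxy-1 proto=rtmp event=disconnect src=203.0.113.7 stream=s-100
2025-01-10T09:05:13Z node=proxy-1 proto=rtmp event=disconnect src=203.0.113.7 stream=s-101
2025-01-10T09:30:00Z node=proxy-2 proto=rtmp event=disconnect src=192.0.2.15 stream=s-102
2025-01-10T09:31:00Z node=proxy-2 proto=rtmp event=disconnect src=not-an-ip stream=s-103
garbled line that does not match
"""

def is_trusted(src):
    """True if src is an IP inside a trusted network; unparsable values are untrusted."""
    try:
        addr = ipaddress.ip_address(src)
    except ValueError:
        return False
    return any(addr in net for net in TRUSTED_SOURCES)

def suspicious_disconnects(log_text):
    """Return (alerts, per-source counts) for RTMP disconnects from untrusted sources."""
    alerts = []
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m or m["event"] != "disconnect":
            continue  # skip unparsable lines and non-disconnect events
        if not is_trusted(m["src"]):
            alerts.append((m["ts"], m["node"], m["src"], m["stream"]))
    return alerts, Counter(a[2] for a in alerts)

if __name__ == "__main__":
    alerts, by_source = suspicious_disconnects(SAMPLE_LOG)
    for ts, node, src, stream in alerts:
        print(f"{ts} {node}: disconnect of {stream} from untrusted source {src}")
    print(dict(by_source))
```

The per-source counts make it easy to alert on a single untrusted address disconnecting several streams in a short window.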