Lucene search
K

7 matches found

RedhatCVE
RedhatCVE
added 2026/06/03 4:2 p.m.10 views

CVE-2026-10629

SIP signaling stack in Verizon IMS unspecified version implements SIP signaling without IPsec integrity protection missing Security-Client/Security-Server headers and ESP traffic, which allows an on-path attacker to compromise confidentiality, integrity, and authenticity of VoLTE signaling via...

7.4CVSS5.7AI score0.00174EPSS
Exploits0References1
NVD
NVD
added 2026/06/02 4:16 p.m.13 views

CVE-2026-10629

SIP signaling stack in Verizon IMS unspecified version implements SIP signaling without IPsec integrity protection missing Security-Client/Security-Server headers and ESP traffic, which allows an on-path attacker to compromise confidentiality, integrity, and authenticity of VoLTE signaling via...

7.4CVSS0.00174EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/06/02 2:35 p.m.9 views

CVE-2026-10629 CVE-2026-10629

SIP signaling stack in Verizon IMS unspecified version implements SIP signaling without IPsec integrity protection missing Security-Client/Security-Server headers and ESP traffic, which allows an on-path attacker to compromise confidentiality, integrity, and authenticity of VoLTE signaling via...

5.7AI score0.00174EPSS
Exploits0References1
CVE
CVE
added 2026/06/02 2:35 p.m.22 views

CVE-2026-10629

CVE-2026-10629 concerns Verizon IMS SIP signaling lacking IPsec integrity protection. The SIP signaling stack (unspecified Verizon IMS version) reportedly sends SIP messages without ESP encapsulation or Security-Client/Security-Server headers, exposing REGISTER, INVITE, MESSAGE, BYE, UPDATE, and ...

7.4CVSS5.7AI score0.00174EPSS
Exploits0References2
CERT
CERT
added 2026/06/02 12:0 a.m.12 views

Missing IPsec Integrity Protection for IMS SIP Signaling in Verizon VoLTE Deployments

Overview VoLTE deployments on Verizon’s IMS network have operated without negotiated SIP integrity protection. In observed test conditions, SIP signaling—including registration, call setup, and messaging—traveled without IPsec ESP encapsulation and without SIP Security Agreement headers, exposing...

7.4CVSS5.7AI score0.00174EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/06/02 12:0 a.m.7 views

Verizon VoLTE 安全漏洞

Verizon VoLTE is a high-definition voice communication service provided by Verizon based on 4G LTE networks. There is a security vulnerability in Verizon VoLTE, which stems from the fact that SIP signaling does not use IPsec integrity protection. This vulnerability may allow attackers to compromi...

7.4CVSS5.3AI score0.00174EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/04/08 12:0 a.m.4 views

PT-2026-31442

Name of the Vulnerable Software and Affected Versions Kamailio versions prior to 6.1.1, prior to 6.0.6, and prior to 5.8.8 Description Kamailio, an open source SIP Signaling Server, contains a flaw where a specially crafted data packet sent over TCP can lead to a denial of service process crash...

7.5CVSS5.7AI score0.00463EPSS
Exploits0References11
Rows per page
Query Builder