Verizon · Verizon Ims · CVE-2026-10629
**Name of the Vulnerable Software and Affected Versions**
Verizon IMS (affected versions not specified)
**Description**
The SIP signaling stack implements SIP signaling without IPsec integrity protection, specifically lacking Security-Client/Security-Server headers and ESP traffic. This allows an on-path attacker to compromise the confidentiality, integrity, and authenticity of VoLTE signaling through passive monitoring and active manipulation of unsecured SIP messages over the radio and core network.
**Recommendations**
At the moment, there is no information about a newer version that contains a fix for this vulnerability.