Traud

**Name of the Vulnerable Software and Affected Versions** Sangoma Asterisk versions 13.38.1 through 18.2.0 Certified Asterisk version 16.8-cert5 **Description** The issue is related to incorrect access controls in the res srtp.c module, allowing a remote unauthenticated attacker to prematurely terminate secure calls by replaying SRTP packets. **Recommendations** For Sangoma Asterisk versions 13.38.1 through 18.2.0, update to a version that includes the fix for the incorrect access controls in the res srtp.c module. For Certified Asterisk version 16.8-cert5, update to a version that includes the fix for the incorrect access controls in the res srtp.c module. As a temporary workaround, consider restricting access to the res srtp.c module to minimize the risk of exploitation.