CVE-2025-54995

CVSS v2.0

6.8

Medium

Vector

AV:N/AC:L/Au:S/C:N/I:N/A:C

Name of the Vulnerable Software and Affected Versions Asterisk versions prior to 18.26.4 Asterisk versions prior to 18.9-cert17

Description Asterisk, an open source private branch exchange and telephony toolkit, is susceptible to resource exhaustion due to a lack of session termination. This can lead to leaks of RTP UDP ports and internal resources.

Recommendations Update Asterisk to version 18.26.4 or later. Update Asterisk to version 18.9-cert17 or later.

Exploit

Fix

Resource Exhaustion

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-400CWE-1286CWE-399

Related Identifiers

BDU:2025-14436

CVE-2025-54995

DLA-4326-1

GHSA-557Q-795J-WFX2

Affected Products

Asterisk

Debian

Red Os

CVE-2025-54995

Weakness Enumeration

Related Identifiers

Affected Products

References · 21