PT-2025-4146 · Cisco · Cisco BroadWorks

Published 2025-01-22 · Updated 2025-08-06 · CVE-2025-20165

CVSS v2.0: 7.8 (High)

Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C

Name of the Vulnerable Software and Affected Versions

Cisco BroadWorks (affected versions not specified)

Description

A vulnerability in the SIP processing subsystem of Cisco BroadWorks could allow an unauthenticated, remote attacker to halt the processing of incoming SIP requests, resulting in a denial of service (DoS) condition. This vulnerability is due to improper memory handling for certain SIP requests. An attacker could exploit this vulnerability by sending a high number of SIP requests to an affected system, potentially exhausting the allocated memory and resulting in a DoS condition that requires manual intervention to recover.

Recommendations

At the moment, there is no information about a newer version that contains a fix for this vulnerability. However, it is recommended to update to RI.2024.11 to prevent service interruption. As a temporary workaround, consider restricting the number of incoming SIP requests to minimize the risk of exploitation. Additionally, monitoring the system's memory allocation and taking measures to prevent memory exhaustion can help mitigate the issue.
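
Restricting incoming SIP requests, as the workaround suggests, starts with knowing which sources exceed a normal request rate. The following code is an added example, not part of the advisory or of any Cisco tooling: it counts SIP requests per source over a sliding window and reports the sources that cross a limit. The log layout, the limit, the window and the documentation-range addresses are assumptions made for the example.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

SIP_METHODS = {"INVITE", "ACK", "BYE", "CANCEL", "OPTIONS", "REGISTER", "PRACK",
               "SUBSCRIBE", "NOTIFY", "PUBLISH", "INFO", "REFER", "MESSAGE", "UPDATE"}

def parse_line(line):
    """Parse "<ISO timestamp> <source IP> <SIP method> <URI>" (assumed layout,
    not a BroadWorks log format). Returns None for anything that is not a request."""
    parts = line.split()
    if len(parts) < 3 or parts[2] not in SIP_METHODS:
        return None  # responses such as "SIP/2.0 200 OK", blank or malformed lines
    try:
        return datetime.fromisoformat(parts[0]), parts[1], parts[2]
    except ValueError:
        return None

def find_floods(lines, limit=20, window=timedelta(seconds=1)):
    """Map each source that sent more than `limit` requests inside any sliding
    `window` to the highest in-window request count observed for it."""
    recent = defaultdict(deque)  # source -> timestamps still inside the window
    peaks = {}
    for ts, src, _method in filter(None, map(parse_line, lines)):
        q = recent[src]
        q.append(ts)
        while ts - q[0] >= window:  # expire requests older than the window
            q.popleft()
        if len(q) > limit:
            peaks[src] = max(peaks.get(src, 0), len(q))
    return peaks

def constructed_sample():
    """Constructed input: 192.0.2.10 sends 60 requests 10 ms apart,
    198.51.100.7 sends 5 requests 2 s apart, plus one SIP response line."""
    t0 = datetime(2025, 1, 22, 10, 0, 0)
    lines = [f"{(t0 + timedelta(milliseconds=10 * i)).isoformat()} 192.0.2.10 "
             "INVITE sip:user@example.test" for i in range(60)]
    lines += [f"{(t0 + timedelta(seconds=2 * i)).isoformat()} 198.51.100.7 "
              "REGISTER sip:example.test" for i in range(5)]
    lines.append(f"{t0.isoformat()} 198.51.100.7 SIP/2.0 200 OK")
    return sorted(lines)

if __name__ == "__main__":
    for source, peak in find_floods(constructed_sample()).items():
        print(f"{source}: peak of {peak} requests within one window")
```

The same per-source count can feed an alert alongside memory monitoring, or inform the limit configured on whatever device fronts the SIP service.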

DoS

NULL Pointer Dereference

Weakness Enumeration

Related Identifiers

BDU:2025-05020
CVE-2025-20165

Affected Products

Cisco BroadWorks