Home

Description

Pexip Infinity 32.0 through 37.1 before 37.2, in certain configurations of OTJ (One Touch Join) for Teams SIP Guest Join, has Improper Input Validation in the OTJ service, allowing a remote attacker to trigger a software abort via a crafted calendar invite, leading to a denial of service.

PUBLISHED Reserved 2025-05-30 | Published 2025-12-25 | Updated 2025-12-26 | Assigner mitre




MEDIUM: 5.9CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

Problem types

CWE-617 Reachable Assertion

Product status

Default status
unaffected

32.0 (custom) before 37.2
affected

References

docs.pexip.com/admin/security_bulletins.htm

cve.org (CVE-2025-49088)

nvd.nist.gov (CVE-2025-49088)

Download JSON

Data based on CVE®. Copyright © 1999-2025, The MITRE Corporation. All rights reserved.