Severity by source
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:L
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:L
Lifecycle Timeline
3DescriptionCVE.org
Information disclosure may occur while processing goodbye RTCP packet from network.
AnalysisAI
CVE-2024-53021 is an information disclosure vulnerability in RTCP (Real-time Transport Control Protocol) packet processing that allows unauthenticated remote attackers to leak sensitive data through malicious goodbye (BYE) RTCP packets. The vulnerability affects multiple VoIP and real-time communication products processing RTCP traffic; attackers can extract confidential information across the network without authentication or user interaction, and may also cause limited availability impact. The high CVSS score of 8.2 reflects the severe confidentiality impact and network-based attack vector, though exploitation complexity is low.
Technical ContextAI
RTCP (Real-time Transport Control Protocol, RFC 3550) is a companion protocol to RTP used for control and feedback in multimedia streaming applications. The vulnerability exists in RTCP BYE (goodbye) packet processing logic, a fundamental control message that indicates a participant is leaving an RTP session. CWE-126 (Buffer Over-read) indicates the root cause involves reading beyond intended buffer boundaries during RTCP packet parsing, likely when handling malformed BYE packet payloads or option fields. This buffer over-read can expose adjacent memory containing session keys, authentication tokens, codec parameters, or other sensitive RTP/RTCP session data. The vulnerability chain involves: (1) receipt of network RTCP BYE packet, (2) insufficient bounds checking during deserialization, (3) out-of-bounds memory access leaking heap or stack data. Affected products typically include VoIP endpoints (SIP phones, softphones), media servers, RTC libraries, and unified communications platforms that implement RTCP per RFC 3550.
RemediationAI
Specific patch information was not provided in the input. Remediation steps follow standard vulnerability response: (1) Consult vendor security advisories linked to CVE-2024-53021 for affected product versions and patched releases, (2) Apply security patches immediately to production systems, prioritizing media servers and SIP endpoints, (3) If patches unavailable, implement network-level RTCP filtering/monitoring to detect malformed BYE packets using DPI (deep packet inspection) rules that validate RTCP packet structure per RFC 3550, (4) Disable RTCP BYE processing if operationally feasible, falling back to session timeout mechanisms, (5) Isolate RTP sessions to trusted networks with firewall rules restricting RTCP traffic to known peer ranges, (6) Monitor for exploit attempts: log RTCP parsing errors, malformed packet drops, and memory access violations. Escalate to vendor support for specific patch timelines and zero-day guidance if production instances cannot be patched immediately.
More in Sm7250p Firmware
View allCVE-2024-53026 is an information disclosure vulnerability in IMS (IP Multimedia Subsystem) implementations affecting VoL
CVE-2024-53020 is an information disclosure vulnerability in RTP (Real-time Transport Protocol) packet processing that o
Memory corruption while reading the FW response from the shared queue. Rated high severity (CVSS 7.8), this vulnerabilit
Memory corruption while processing a data structure, when an iterator is accessed after it has been removed, potential f
Memory corruption during the FRS UDS generation process. Rated high severity (CVSS 7.8), this vulnerability is low attac
Memory corruption while triggering commands in the PlayReady Trusted application. Rated high severity (CVSS 7.8), this v
Memory corruption during memory assignment to headless peripheral VM due to incorrect error code handling. Rated high se
Memory corruption while reading secure file. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity
Memory corruption during memory mapping into protected VM address space due to incorrect API restrictions. Rated high se
Memory corruption may occur while validating ports and channels in Audio driver. Rated high severity (CVSS 7.8), this vu
Memory corruption while calling the NPU driver APIs concurrently. Rated high severity (CVSS 7.8), this vulnerability is
Memory corruption vulnerability in Qualcomm's Virtual Machine (VM) attachment mechanism that occurs when the Host Linux
Same weakness CWE-126 – Buffer Over-read
View allSame technique Information Disclosure
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2024-54632