Volte
Monthly
Cleartext SIP signaling in Verizon's VoLTE/IMS infrastructure allows an on-path attacker positioned on the radio or core network to intercept and tamper with VoIP call signaling because IPsec integrity protection (Security-Client/Security-Server headers and ESP-protected traffic) is not enforced. The flaw, reported by CERT/CC and tracked as EUVD-2026-33945, affects an unspecified Verizon IMS deployment and enables disclosure of call metadata, caller identity spoofing, and signaling manipulation. There is no public exploit identified at time of analysis and EPSS exploitation probability is very low at 0.01%.
Cleartext SIP signaling in Verizon's VoLTE/IMS infrastructure allows an on-path attacker positioned on the radio or core network to intercept and tamper with VoIP call signaling because IPsec integrity protection (Security-Client/Security-Server headers and ESP-protected traffic) is not enforced. The flaw, reported by CERT/CC and tracked as EUVD-2026-33945, affects an unspecified Verizon IMS deployment and enables disclosure of call metadata, caller identity spoofing, and signaling manipulation. There is no public exploit identified at time of analysis and EPSS exploitation probability is very low at 0.01%.