← Back

CVE-2025-49088

nvd nist
Published: Dec 25, 2025Modified: Jan 5, 2026

JSON object

Loading...
5.9
Vector
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
Exploitability: 2.2 / Impact: 3.6
Source: MITRE (Secondary)

Description

Pexip Infinity 32.0 through 37.1 before 37.2, in certain configurations of OTJ (One Touch Join) for Teams SIP Guest Join, has Improper Input Validation in the OTJ service, allowing a remote attacker to trigger a software abort via a crafted calendar invite, leading to a denial of service.

Affected (1)

Pexip
1 product
Pexip Infinity
Configuration A
1 vulnerable
Vulnerable SoftwareAffected Versions
Pexip Infinity
From 32.0 to 37.2

Related CWEs

CWE-617
Reachable Assertion
The product contains an assert() or similar statement that can be triggered by an attacker, which leads to an application exit or other behavior that is more severe than necessary.

References (1)

Source: cve@mitre.org
Vendor Advisory

Timeline

No history available yet.