CVE-2025-66443

Published: Dec 25, 2025Modified: Jan 5, 2026

5.3

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

Exploitability: 3.9 / Impact: 1.4

Source: NVD

Description

Pexip Infinity 35.0 through 38.1 before 39.0, in non-default configurations that use Direct Media for WebRTC, has Improper Input Validation in signalling that allows an attacker to trigger a software abort, resulting in a temporary denial of service.

Affected (1)

Products: Pexip: Pexip Infinity

1 product

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Pexip Pexip Infinity	From 35.0 to 39.0

Related CWEs

Reachable Assertion

The product contains an assert() or similar statement that can be triggered by an attacker, which leads to an application exit or other behavior that is more severe than necessary.

References (1)

https://docs.pexip.com/admin/security_bulletins.htm

Source: cve@mitre.org

Vendor Advisory

Timeline

No history available yet.