Polycom SoundPoint IP SIP Phones INVITE Message Remote Denial of Service Vulnerability

Polycom SoundPoint IP SIP Phones INVITE Message Remote Denial of Service Vulnerability

Polycom SoundPoint IP phones are prone to a denial-of-service vulnerability because the devices fail to properly bounds-check user-supplied input before copying it to an insufficiently sized memory buffer.

Successfully exploiting this issue allows remote attackers to crash affected devices, requiring a reboot by physically disconnecting and reconnecting the device's power supply to recover. Given the nature of the issue, code execution may also be possible, but this has not been confirmed.

NOTE: According to new information, this vulnerability may be triggered through a long string in the 'VIA:' field.

Phones SoundPoint IP 300, 301, 430, 500, 501, 550, 600, 601, 650 and IP 4000 phones running all SIP software revisions are vulnerable to this issue.