CVE-2026-0154

Modem (Hardware/Firmware) · Modem Firmware

A memory corruption flaw in the Modem firmware allows for a device crash when processing a malicious SIP REFER request.

Executive summary

An attacker can trigger a denial-of-service condition on the modem by sending a specially crafted SIP REFER request that causes memory corruption.

Vulnerability

This vulnerability affects the Modem firmware's handling of SIP REFER requests. An attacker can trigger a crash through memory corruption, potentially leading to a denial-of-service or, in certain contexts, arbitrary code execution.

Business impact

The ability to remotely crash modem hardware can lead to significant service outages and loss of communication capabilities. Given the CVSS score of 8.8, this vulnerability poses a high risk to business operations, particularly in environments where modem availability is critical for connectivity.

Remediation

Immediate Action: Update modem firmware to the latest secure version provided by the manufacturer.

Proactive Monitoring: Monitor network traffic for malformed SIP requests and observe modem uptime logs for unexpected reboots or crashes.

Compensating Controls: Implement strict SIP traffic filtering at the network edge to block malformed or unauthorized REFER requests before they reach the modem.
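One way to express the REFER filtering and malformed-request monitoring described above, as an added example that is not vendor or advisory code. The advisory does not say which part of the REFER request triggers the flaw, so these are generic structural checks based on RFC 3261 and RFC 3515; the size limits, the trusted-peer allowlist, the function name and the sample message are assumptions.

```python
import re

# Assumed limits and allowlist: tune per deployment; none come from the advisory.
MAX_MESSAGE = 4096
MAX_HEADER_LINE = 512
TRUSTED_PEERS = {"192.0.2.10"}  # constructed example address (TEST-NET-1)

def refer_violations(raw: bytes, src_ip: str) -> list[str]:
    """Return reasons to drop one complete SIP message; empty list means forward."""
    head, sep, body = raw.partition(b"\r\n\r\n")
    lines = head.split(b"\r\n")
    m = re.fullmatch(rb"([A-Z]+) (\S+) SIP/2\.0", lines[0])
    if m is None:
        return ["malformed request line"]
    if m.group(1) != b"REFER":
        return []  # this filter only polices REFER
    problems = []
    if src_ip not in TRUSTED_PEERS:
        problems.append("REFER from unauthorized source")
    if not sep:
        problems.append("header section not terminated")
    if len(raw) > MAX_MESSAGE:
        problems.append("message too large")
    headers = {}
    for line in lines[1:]:
        if len(line) > MAX_HEADER_LINE:
            problems.append("oversized header line")
        if re.search(rb"[\x00-\x08\x0a-\x1f\x7f]", line):
            problems.append("control byte in header")
        name, colon, value = line.partition(b":")
        if not colon or not name.strip():  # also rejects folded continuation lines
            problems.append("header without name or colon")
            continue
        headers.setdefault(name.strip().lower(), []).append(value.strip())
    # RFC 3515: a REFER carries exactly one Refer-To value ("r" is the compact form)
    refer_to = headers.get(b"refer-to", []) + headers.get(b"r", [])
    if len(refer_to) != 1 or not refer_to[0]:
        problems.append("Refer-To must appear exactly once")
    clen = headers.get(b"content-length", []) + headers.get(b"l", [])
    if len(clen) > 1 or (clen and not clen[0].isdigit()):
        problems.append("invalid Content-Length")
    elif clen and int(clen[0]) != len(body):
        problems.append("Content-Length does not match body")
    return problems

# Constructed sample: a minimal well-formed REFER from the trusted peer.
SAMPLE = (b"REFER sip:bob@example.com SIP/2.0\r\nCSeq: 1 REFER\r\n"
          b"Refer-To: <sip:carol@example.com>\r\nContent-Length: 0\r\n\r\n")
```

Logging each non-empty result with the source address gives the malformed-request signal to correlate against modem reboot times.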

Exploitation status

Public Exploit Available: false

Analyst recommendation

To prevent service disruption, it is essential to address this vulnerability by applying firmware updates as soon as they become available. Network administrators should also ensure that SIP traffic is properly filtered to reduce the exposure of the modem to potentially malicious requests.