A high-severity memory corruption vulnerability in the TextRtpPayloadDecoderNode's DecodeT140 function poses a risk of unauthorized code execution.

The vulnerability exists in the DecodeT140 function of the TextRtpPayloadDecoderNode component. It is triggered during the processing of T.140 text-over-RTP packets, where improper handling leads to memory corruption.

Successful exploitation could allow an attacker to compromise the host system running the decoder, leading to unauthorized data access or service disruption. A CVSS score of 8.8 reflects the high risk, highlighting the need for immediate remediation to protect sensitive communication systems.

Immediate Action: Update the affected software containing the TextRtpPayloadDecoderNode to the latest patch level.

Proactive Monitoring: Monitor logs for crashes or memory-related exceptions within the text decoding service.

Compensating Controls: Use network security controls to inspect and sanitize RTP traffic, specifically looking for anomalous T.140 payload structures.

Public Exploit Available: false

This vulnerability is critical for environments utilizing T.140 over RTP. Organizations should prioritize updating the software components associated with the TextRtpPayloadDecoderNode to eliminate this memory corruption risk and prevent potential exploitation.