Learn about CVE-2021-41158 affecting FreeSWITCH prior to version 1.10.7, enabling attackers to leak gateway passwords. Get mitigation steps and patch details.
FreeSWITCH prior to version 1.10.7 is vulnerable to a SIP digest leak attack, potentially exposing gateway passwords.
Understanding CVE-2021-41158
FreeSWITCH, a Software Defined Telecom Stack, allows attackers to retrieve gateway passwords through a SIP digest leak attack.
What is CVE-2021-41158?
An attacker can exploit FreeSWITCH pre-1.10.7 to leak SIP digest responses from gateways, enabling password recovery.
The vulnerability originates from FreeSWITCH's handling of SIP request challenges, potentially exposing gateway passwords.
The Impact of CVE-2021-41158
CVSS Score: 5.8 (Medium Severity)
Attack Vector: Network
Privileges Required: None
The attacker can recover sensitive information without special network privileges, posing a threat to confidentiality.
Technical Details of CVE-2021-41158
FreeSWITCH vulnerability details and affected systems.
Vulnerability Description
Attackers can force FreeSWITCH to disclose gateway passwords through SIP digest leak attacks.
The issue lies in the code handling challenges in sofia_reg.c without proper gateway origin verification.
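The missing origin check described above can also be watched for from the outside. The following is an added example, not FreeSWITCH code or its patch: it walks a pre-parsed SIP trace and flags 401/407 challenges that arrive from an address that is not a configured gateway, plus any authenticated request sent back to that address. The gateway inventory, record fields and trace entries are constructed for illustration, and it assumes the server only ever authenticates outbound to its gateways.

```python
import ipaddress

# Constructed inventory (assumption): gateway name -> networks its provider signals from.
GATEWAYS = {
    "carrier-a": ["198.51.100.10/32"],
    "carrier-b": ["203.0.113.0/28"],
}

# Constructed, pre-parsed SIP trace as seen on the FreeSWITCH host (not real traffic).
# dir "in" = received by FreeSWITCH, "out" = sent by FreeSWITCH; peer = remote address.
# auth = the request carried an Authorization or Proxy-Authorization header.
TRACE = [
    {"dir": "out", "peer": "198.51.100.10", "call_id": "a1", "status": None, "auth": False},
    {"dir": "in",  "peer": "198.51.100.10", "call_id": "a1", "status": 407,  "auth": False},
    {"dir": "out", "peer": "198.51.100.10", "call_id": "a1", "status": None, "auth": True},
    {"dir": "out", "peer": "192.0.2.77",    "call_id": "b2", "status": None, "auth": False},
    {"dir": "in",  "peer": "192.0.2.77",    "call_id": "b2", "status": 401,  "auth": False},
    {"dir": "out", "peer": "192.0.2.77",    "call_id": "b2", "status": None, "auth": True},
    {"dir": "in",  "peer": "192.0.2.90",    "call_id": "c3", "status": 407,  "auth": False},
]


def gateway_for(ip):
    """Return the configured gateway whose network contains ip, else None."""
    addr = ipaddress.ip_address(ip)
    for name, nets in GATEWAYS.items():
        if any(addr in ipaddress.ip_network(n) for n in nets):
            return name
    return None


def find_digest_exposure(trace):
    """Flag challenges from non-gateway peers and any credentials sent in reply."""
    challenged = set()  # (call_id, peer) pairs challenged by a non-gateway address
    findings = []
    for msg in trace:
        key = (msg["call_id"], msg["peer"])
        if msg["dir"] == "in" and msg["status"] in (401, 407):
            if gateway_for(msg["peer"]) is None:
                challenged.add(key)
                findings.append(("untrusted-challenge", *key))
        elif msg["dir"] == "out" and msg["auth"] and key in challenged:
            # A digest response left the server for a peer that is not a gateway.
            findings.append(("digest-sent-to-non-gateway", *key))
    return findings


if __name__ == "__main__":
    for finding in find_digest_exposure(TRACE):
        print(finding)
```

A "digest-sent-to-non-gateway" finding means a digest response has already left the server, so the affected gateway password should be rotated in addition to upgrading.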
Affected Systems and Versions
Affected Version: < 1.10.7
Only versions preceding 1.10.7 are impacted by this vulnerability.
Exploitation Mechanism
An attacker can manipulate SIP requests to FreeSWITCH, triggering the leak of gateway challenge responses.
Mitigation and Prevention
Protecting systems against CVE-2021-41158.
Immediate Steps to Take
Upgrade FreeSWITCH to version 1.10.7 or later to apply the patch.
Ensure restricted access to SIP request messages to prevent malicious manipulation.
Long-Term Security Practices
Implement SIP session association for gateways to strengthen challenge response verification.
Patching and Updates
Patch information can be found at the SignalWire FreeSWITCH releases page.