Primary

Context

Belledonne Communications Linphone-Desktop NULL Pointer Dereference Vulnerability Leading to Denial-of-Service

Vulnerability

A NULL pointer dereference vulnerability has been identified in Belledonne Communications Linphone-Desktop version 5.2.6. This vulnerability allows remote attackers to cause a denial-of-service condition on affected devices.

Impact

Exploitation of this vulnerability leads to a denial-of-service condition on the affected device.

Remediation

Users are advised to update to version 5.3.99 of the linphone-sdk. CISA recommends minimizing network exposure for control system devices, using firewalls to isolate control system networks from business networks, and employing secure remote access methods such as VPNs.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

7.4

remediation

7.7

relevance

0.0

threat

0.0

urgency

2.9

incentive

5.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

7.4

remediation

7.7

relevance

0.0

threat

0.0

urgency

2.9

incentive

5.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Belledonne Communications Linphone-Desktop NULL Pointer Dereference Vulnerability Leading to Denial-of-Service

Vulnerability

Impact

Remediation

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating