Cisco BroadWorks SIP Denial-of-Service Vulnerability

Vulnerability

A denial-of-service vulnerability has been identified in the SIP processing subsystem of Cisco BroadWorks. This issue allows an unauthenticated, remote attacker to disrupt the handling of incoming SIP requests, causing a DoS condition. The vulnerability arises from improper memory management for certain SIP requests. An attacker could exploit this by sending a large volume of SIP requests to the affected system, exhausting the memory allocated to Cisco BroadWorks Network Servers that manage SIP traffic. When the memory runs out, these servers can no longer process incoming requests, leading to a DoS condition that requires manual intervention to resolve.

Impact

Exploitation of this vulnerability can leave the Cisco BroadWorks Network Servers unresponsive and unable to process SIP requests. This DoS condition can disrupt services that rely on SIP, such as voice calls or video conferencing, depending on the specific deployment of BroadWorks.

Remediation

Cisco has released software updates that address this vulnerability. Customers with service contracts should obtain these updates through their usual channels. For those without service contracts, upgrades can be requested from the Cisco Technical Assistance Center (TAC).

Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm
Spread: 1.6
Impact: 2.5
Exploitability: 7.6
Remediation: 7.7
Relevance: 0.0
Threat: 0.1
Urgency: 2.9
Incentive: 5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.