Service Disruption Risks in Pexip Infinity: Multiple High-Severity CVEs

Product Overview

Product Name: Pexip Infinity
Product Type: Enterprise video conferencing and interoperability platform
Deployment Model: On-premises and hybrid clustered architecture
Risk Category: Service Availability and Platform Stability

Pexip Infinity is widely deployed for enterprise-grade video and collaboration services. Due to the real-time nature of the platform, service availability is critical. The vulnerabilities described in this document affect core components responsible for signalling, media handling, streaming, scheduling, and internal node communication.


Executive Summary

Multiple vulnerabilities have been identified in Pexip Infinity across several versions prior to version 39.0. These weaknesses allow attackers to intentionally trigger service crashes, disconnect active streams, or exhaust system resources, resulting in partial or full denial of service.

Most of the issues can be exploited remotely, do not require authentication, and do not rely on user interaction. While no direct data corruption or remote code execution has been observed, the cumulative operational risk is high due to the ease of exploitation and the impact on real-time communications.


Affected Vulnerabilities Overview

CVE ID         | Severity | Primary Impact
CVE-2025-66443 | High     | WebRTC service disruption
CVE-2025-66379 | High     | Media engine crash
CVE-2025-66378 | Medium   | RTMP stream disconnection
CVE-2025-66377 | High     | Cross-node operational impact
CVE-2025-59683 | High     | Data exposure and resource exhaustion
CVE-2025-49088 | Medium   | One Touch Join service crash
CVE-2025-48704 | High     | Signalling service abort
CVE-2025-32096 | High     | Signalling denial of service
CVE-2025-32095 | High     | Foundational signalling failure

Technical Root Cause

Across the affected components, the vulnerabilities originate from insufficient validation of externally supplied input or missing enforcement of access controls. Several services assume that incoming data adheres to protocol expectations or originates from trusted sources. When those assumptions are violated, the affected processes fail abruptly instead of handling errors gracefully.

In clustered deployments, some weaknesses allow an issue on one node to indirectly affect other nodes, increasing the blast radius of a single attack.


Detailed Vulnerability Analysis

CVE-2025-66443 – WebRTC Direct Media Signalling Failure

Affected Versions: 35.0 to 38.1
Configuration Dependency: Direct Media for WebRTC enabled

Improper validation of WebRTC signalling messages allows malformed data to trigger an internal abort. This impacts WebRTC-based calls and can be repeatedly exploited to keep services unavailable.

Impact:

  • WebRTC calls fail or drop
  • Temporary outage until service recovery

CVE-2025-66379 – Media Engine Input Validation Weakness

Affected Versions: All versions before 39.0

The media processing engine does not adequately validate crafted media streams. Malformed RTP or codec data can force the media service to terminate unexpectedly.

Impact:

  • Active calls drop
  • Media services restart
  • Reduced platform stability

CVE-2025-66378 – RTMP Proxy Access Control Issue

Affected Versions: 38.0 and 38.1

Insufficient authorization checks in the RTMP proxy implementation allow unauthorized stream termination.

Impact:

  • Live RTMP streams forcibly disconnected
  • Broadcast interruptions

CVE-2025-66377 – Internal API Authentication Bypass

Affected Versions: All versions before 39.0
Attack Prerequisite: Code execution on one node

A product-internal API lacks authentication enforcement. An attacker with limited access can send control requests that affect other nodes in the cluster.

Impact:

  • Cross-node service disruption
  • Cluster-wide instability

CVE-2025-59683 – Secure Scheduler for Exchange Access Control Issue

Affected Versions: 15.0 to 38.0
Condition: Office 365 Legacy Exchange Tokens in use

Improper access control allows unauthorized access to scheduling data and enables excessive resource consumption through repeated requests.

Impact:

  • Exposure of scheduling metadata
  • Resource exhaustion leading to service slowdown or outage

CVE-2025-49088 – One Touch Join Calendar Parsing Failure

Affected Versions: 32.0 to 37.1

Improper parsing of calendar invite data used for Teams SIP Guest Join allows crafted invites to crash the OTJ service.

Impact:

  • OTJ service unavailable
  • Meeting join failures

CVE-2025-48704 – Signalling Message Validation Failure

Affected Versions: 35.0 to 37.2

Malformed signalling messages can cause the signalling service to abort.

Impact:

  • Call setup failures
  • Service restart loops under repeated attack

CVE-2025-32096 – Crafted Signalling Message DoS

Affected Versions: 33.0 to 37.0

Improper handling of signalling input allows attackers to repeatedly crash the service using specially crafted messages.

Impact:

  • Persistent denial of service
  • Platform instability

CVE-2025-32095 – Foundational Signalling Input Validation Issue

Affected Versions: All versions before 37.0

This vulnerability represents the underlying signalling validation flaw later addressed incrementally in newer versions.

Impact:

  • Remote denial of service
  • Call control interruption

Attack Characteristics

  • Remote network-based exploitation
  • Low technical complexity
  • No authentication required in most cases
  • No user interaction required
  • Easily automated
  • Repeatable to sustain outages

MITRE ATT&CK Alignment

  • T1499 – Endpoint Denial of Service
  • T1068 – Privilege Escalation (internal API misuse)
  • T1046 – Network Service Discovery (scheduler abuse)

Detection and Monitoring Guidance

Behavioral Indicators

  • Repeated service crashes or unexpected restarts
  • Protocol parsing or validation errors
  • Spikes in failed call setups or dropped calls
  • Unusual internal API activity
  • Unexpected RTMP stream terminations

Recommended Log Sources

  • Pexip signalling logs
  • Media engine logs
  • RTMP proxy logs
  • OTJ service logs
  • Secure Scheduler logs
  • Cluster communication logs
  • Operating system service logs

Payload Characteristics (High-Level)

Malicious input often includes:

  • Invalid message structures
  • Unexpected field values or sizes
  • Protocol state violations
  • Repeated malformed requests from a single source

Exact payload formats vary by service and protocol.
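
Two of the indicators above, repeated service restarts and repeated malformed requests from a single source, expressed as sliding-window detection logic. This is an added example, not vendor code or part of the original advisory; the normalized log format, field names, node names and thresholds are assumptions, and the sample lines are constructed.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample events in a hypothetical normalized format
# (as a log pipeline might emit them); this is NOT Pexip's native log format.
SAMPLE_LOG = """\
2025-12-01T10:00:05 node=conf-1 service=signalling event=parse_error src=203.0.113.7
2025-12-01T10:00:06 node=conf-1 service=signalling event=restart src=-
2025-12-01T10:01:10 node=conf-1 service=signalling event=parse_error src=203.0.113.7
2025-12-01T10:01:11 node=conf-1 service=signalling event=restart src=-
2025-12-01T10:02:30 node=conf-1 service=signalling event=parse_error src=203.0.113.7
2025-12-01T10:02:31 node=conf-1 service=signalling event=restart src=-
2025-12-01T10:03:00 node=conf-2 service=media event=restart src=-
2025-12-01T10:04:00 node=conf-2 service=signalling event=parse_error src=198.51.100.20
2025-12-01T10:30:00 node=conf-2 service=media event=restart src=-
"""

WINDOW = timedelta(minutes=5)   # assumed correlation window
RESTART_THRESHOLD = 3           # restarts of one service on one node within WINDOW
PARSE_ERR_THRESHOLD = 3         # validation errors from one source within WINDOW

def parse(line):
    """Split 'timestamp key=value ...' into a dict with a parsed 'ts'."""
    ts, *fields = line.split()
    rec = dict(f.split("=", 1) for f in fields)
    rec["ts"] = datetime.fromisoformat(ts)
    return rec

def detect(log_text):
    """Return sorted alerts: ('restart_loop', node, service) or ('malformed_burst', src, service)."""
    windows, alerts = defaultdict(deque), set()
    for line in log_text.strip().splitlines():
        rec = parse(line)
        if rec["event"] == "restart":
            key, limit = ("restart_loop", rec["node"], rec["service"]), RESTART_THRESHOLD
        elif rec["event"] == "parse_error":
            key, limit = ("malformed_burst", rec["src"], rec["service"]), PARSE_ERR_THRESHOLD
        else:
            continue
        q = windows[key]
        q.append(rec["ts"])
        while rec["ts"] - q[0] > WINDOW:   # drop events older than the window
            q.popleft()
        if len(q) >= limit:
            alerts.add(key)
    return sorted(alerts)

if __name__ == "__main__":
    print(detect(SAMPLE_LOG))
```

Restarts that are spread out (the conf-2 media events) stay below the threshold, while a parse error immediately followed by a restart, repeated within minutes, raises both alerts for the same service.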


Exploit Availability

At the time of assessment:

  • No public proof-of-concept code is available
  • No known active exploitation campaigns observed
  • Exploitation remains feasible for attackers familiar with signalling and media protocols

Remediation and Patching

Vendor Resolution

All listed vulnerabilities are addressed in Pexip Infinity version 39.0.
Some earlier fixes exist for individual CVEs, but upgrading to 39.0 ensures full coverage.

Only apply patches provided through official Pexip release channels.


Risk Considerations

While these vulnerabilities do not directly enable data manipulation or system takeover, they pose a significant operational risk. Organizations relying on Pexip Infinity for executive communications, healthcare, emergency response, or regulated environments should prioritize remediation due to the ease with which services can be disrupted.


Final Takeaway

These vulnerabilities collectively demonstrate the importance of strict input validation and access control in real-time communication platforms. Prompt patching, exposure reduction, and service monitoring are essential to maintaining platform reliability and availability.


Aegiron