Pexip Infinity 22.x through 24.x before 24.2 has Improper Input Validation for call setup. An unauthenticated remote attacker can trigger a software abort (temporary loss of service).
Source: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25868
Reference (s):
- https://docs.pexip.com/admin/security_bulletins.htm#CVE-2020-25868
- https://docs.pexip.com/admin/security_bulletins.htm