Asterisk

Asterisk, a popular open source communications framework, released patches to address three critical denial-of-service vulnerabilities affecting all versions of Asterisk 13 and 14 and Certified Asterisk 13.13. One vulnerability could allow a remote threat actor to corrupt the memory allocation table and two other vulnerabilities affecting the PJSIP open source multimedia communication library could allow a remote threat actor to cause a system crash. The NJCCIC recommends Asterisk users and administrators review theAsterisk Security Advisory and update to Asterisk 13.51, 14.4.1, or Certified Asterisk 13.13-cert4.