CVE-2022-24764: CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') in pjsip pjproject

Medium
Published: Tue Mar 22 2022 (03/22/2022, 00:00:00 UTC)
Source: CVE
Vendor/Project: pjsip
Product: pjproject

Description

PJSIP is a free and open source multimedia communication library written in C. Versions 2.12 and prior contain a stack buffer overflow vulnerability that affects PJSUA2 users or users that call the APIs `pjmedia_sdp_print()` or `pjmedia_sdp_media_print()`. Applications that do not use PJSUA2 and do not directly call `pjmedia_sdp_print()` or `pjmedia_sdp_media_print()` should not be affected. A patch is available on the `master` branch of the `pjsip/pjproject` GitHub repository. There are currently no known workarounds.

AI-Powered Analysis

Last updated: 06/23/2025, 12:06:01 UTC

Technical Analysis

CVE-2022-24764 is a stack-based buffer overflow vulnerability identified in the open-source multimedia communication library pjsip, specifically in the pjproject component versions 2.12 and earlier. PJSIP is widely used for multimedia communication applications, including VoIP and video conferencing solutions. The vulnerability arises from improper handling of input sizes in the functions pjmedia_sdp_print() and pjmedia_sdp_media_print(), which are responsible for printing Session Description Protocol (SDP) media information. When these APIs are called, unchecked buffer copying can lead to a stack buffer overflow, potentially allowing an attacker to overwrite adjacent memory on the stack. This can result in arbitrary code execution, application crashes, or denial of service. The vulnerability primarily affects applications that utilize the PJSUA2 API or directly invoke the vulnerable print functions. Applications that do not use PJSUA2 or do not call these specific APIs are not impacted. There are no known workarounds currently available, but a patch addressing this vulnerability has been committed to the master branch of the pjsip/pjproject GitHub repository. No exploits have been observed in the wild to date. The vulnerability is classified under CWE-120 and CWE-121, which denote classic and stack-based buffer overflow weaknesses, respectively.
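
The length check that this class of bug (CWE-120) lacks, as an added C example: a print routine that tracks the remaining buffer space and fails rather than writing past the end. This is not pjproject code and not the project's patch; the `sdp_media` struct and the `put` and `sdp_media_print_checked` names are hypothetical.

```c
#include <stddef.h>
#include <string.h>

/* Constructed stand-in for an SDP media description; not a pjmedia type. */
struct sdp_media {
    const char *type;       /* e.g. "audio" */
    const char *port;       /* e.g. "4000" */
    const char *transport;  /* e.g. "RTP/AVP" */
    const char *fmt[8];     /* payload format tokens */
    size_t fmt_count;
};

/* Append n bytes at *pos only if they fit in the space that is left.
 * Doing the memcpy without this comparison is the CWE-120 pattern. */
static int put(char *buf, size_t cap, size_t *pos, const char *s, size_t n)
{
    if (n > cap - *pos)     /* *pos <= cap always holds, so no wraparound */
        return -1;
    memcpy(buf + *pos, s, n);
    *pos += n;
    return 0;
}

/* Print "m=<type> <port> <transport> <fmt>...\r\n" into buf.
 * Returns bytes written (excluding the NUL), or -1 if buf is too small. */
int sdp_media_print_checked(const struct sdp_media *m, char *buf, size_t cap)
{
    size_t pos = 0;
    if (cap == 0) return -1;
    cap -= 1;               /* reserve one byte for the terminator */
    if (put(buf, cap, &pos, "m=", 2) ||
        put(buf, cap, &pos, m->type, strlen(m->type)) ||
        put(buf, cap, &pos, " ", 1) ||
        put(buf, cap, &pos, m->port, strlen(m->port)) ||
        put(buf, cap, &pos, " ", 1) ||
        put(buf, cap, &pos, m->transport, strlen(m->transport)))
        return -1;
    for (size_t i = 0; i < m->fmt_count; i++)
        if (put(buf, cap, &pos, " ", 1) ||
            put(buf, cap, &pos, m->fmt[i], strlen(m->fmt[i])))
            return -1;
    if (put(buf, cap, &pos, "\r\n", 2))
        return -1;
    buf[pos] = '\0';
    return (int)pos;
}
```

On failure the buffer may hold a partial, unterminated line, so callers must treat -1 as "discard the buffer" rather than sending what was written.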

Potential Impact

For European organizations, the impact of this vulnerability can be significant, particularly for those relying on communication platforms built on or incorporating pjproject, such as VoIP systems, video conferencing tools, and unified communications solutions. Exploitation could lead to remote code execution or denial of service, compromising the confidentiality, integrity, and availability of communication services. This could disrupt critical business operations, lead to data leakage, or provide attackers with a foothold within enterprise networks. Sectors such as telecommunications, finance, healthcare, and government agencies, which often rely on secure and reliable communication infrastructures, are especially at risk. Additionally, compromised communication systems could be leveraged for further lateral movement or espionage activities. Given the lack of known exploits, the immediate threat is moderate, but the potential for exploitation remains, especially if threat actors develop proof-of-concept code.

Mitigation Recommendations

Organizations should prioritize updating pjproject to the latest patched version from the official pjsip GitHub repository, ensuring that the fix for CVE-2022-24764 is applied. Since no workarounds exist, patching is the primary defense. Additionally, organizations should audit their applications to identify usage of PJSUA2 or direct calls to pjmedia_sdp_print() and pjmedia_sdp_media_print() APIs. If such usage is detected, immediate patching or temporary disabling of these functions (if feasible) should be considered. Implementing runtime protections such as stack canaries, Address Space Layout Randomization (ASLR), and Data Execution Prevention (DEP) can help mitigate exploitation impact. Network-level controls should monitor and restrict malformed SDP packets or unusual traffic patterns targeting multimedia communication services. Regular security assessments and fuzz testing of communication components can help detect similar vulnerabilities proactively. Finally, organizations should maintain an incident response plan tailored to communication system compromises.

Technical Details

Data Version: 5.1
Assigner Short Name: GitHub_M
Date Reserved: 2022-02-10T00:00:00.000Z
CISA Enriched: true

Threat ID: 682d9843c4522896dcbf2b0b

Added to database: 5/21/2025, 9:09:23 AM

Last enriched: 6/23/2025, 12:06:01 PM

Last updated: 8/14/2025, 12:18:54 PM
