CVE-2023-24849 in 315 5G IoT Modem
Summary
by MITRE • 10/25/2023
Information Disclosure in data Modem while parsing an FMTP line in an SDP message.
Analysis
by VulDB Data Team • 08/07/2025
The vulnerability identified as CVE-2023-24849 represents a critical information disclosure flaw within data modem implementations that process Session Description Protocol messages containing FMTP lines. This vulnerability specifically manifests during the parsing of FMTP (Format Type Parameters) within SDP (Session Description Protocol) messages, creating potential exposure points for sensitive data that should remain protected during communication sessions. The issue stems from inadequate input validation and sanitization mechanisms within the modem's SDP message processing pipeline, particularly when handling format type parameter specifications that define audio or video codec configurations.
The technical implementation flaw occurs when the data modem encounters an FMTP line within an SDP message structure, typically used to specify codec parameters for media streams in VoIP and multimedia communication systems. During parsing operations, the modem fails to properly validate or sanitize the format parameters, potentially allowing maliciously crafted FMTP lines to trigger unexpected behavior that could leak internal system information, memory contents, or configuration details. This vulnerability operates at the protocol parsing layer and affects implementations that do not adequately implement boundary checks or parameter validation during SDP message processing. The flaw aligns with CWE-20, which describes improper input validation, and represents a classic example of how insufficient sanitization of protocol parameters can lead to information exposure.
The operational impact of this vulnerability extends significantly within network communication environments where SDP messages are routinely processed, particularly in VoIP systems, multimedia conferencing platforms, and unified communication solutions. An attacker could potentially exploit this weakness by crafting malicious SDP messages containing specially formatted FMTP lines that, when processed by vulnerable modems, reveal internal system state information, memory addresses, or configuration parameters. This information disclosure could facilitate subsequent attacks including privilege escalation, system enumeration, or targeted exploitation of other vulnerabilities within the communication infrastructure. The vulnerability's impact is particularly concerning in enterprise environments where data modems serve as critical communication endpoints for voice and video services, potentially exposing sensitive operational details that could be leveraged for broader network compromise.
Mitigation strategies for CVE-2023-24849 should focus on implementing robust input validation and sanitization mechanisms within the SDP message parsing components of affected data modem implementations. Organizations should ensure that all FMTP line parameters are properly validated against expected formats and ranges before processing, with strict boundary checks implemented to prevent buffer overflows or information leakage. Security updates and patches should be applied immediately to address the underlying parsing logic, with network segmentation and monitoring implemented to detect anomalous SDP message patterns that might indicate exploitation attempts. The implementation should follow established security practices from the ATT&CK framework, specifically focusing on defensive measures against protocol manipulation and information disclosure techniques. Regular security assessments of communication infrastructure should include testing for similar parsing vulnerabilities, and access controls should be strengthened around modem configuration interfaces to prevent unauthorized modification of parsing rules or parameter definitions.
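The following C function is an added example, not code from the vendor and not the fix for this CVE; it shows the kind of length-bounded `a=fmtp` parsing the mitigation paragraph calls for. The 128-byte parameter limit, the printable-ASCII restriction and the names `parse_fmtp` and `struct fmtp` are assumptions chosen for illustration.

```c
#include <stddef.h>
#include <string.h>

#define FMTP_PREFIX      "a=fmtp:"
#define FMTP_MAX_PARAMS  128   /* assumed limit, not taken from any vendor spec */

struct fmtp {
    unsigned payload_type;                 /* RTP payload type, 0..127 */
    char     params[FMTP_MAX_PARAMS + 1];  /* NUL-terminated on success */
};

/* Parse one SDP attribute line of the form "a=fmtp:<pt> <params>".
 * `line` need not be NUL-terminated; only line[0..len-1] is ever read.
 * Returns 0 on success, -1 if the line is malformed or exceeds limits. */
int parse_fmtp(const char *line, size_t len, struct fmtp *out)
{
    const size_t plen = sizeof(FMTP_PREFIX) - 1;
    size_t i = plen, digits = 0;
    unsigned pt = 0;

    if (!line || !out || len <= plen || memcmp(line, FMTP_PREFIX, plen) != 0)
        return -1;

    /* Payload type: 1 to 3 decimal digits, value capped at 127. */
    while (i < len && line[i] >= '0' && line[i] <= '9') {
        if (++digits > 3)
            return -1;
        pt = pt * 10 + (unsigned)(line[i++] - '0');
    }
    if (digits == 0 || pt > 127)
        return -1;

    /* Exactly one space separates the payload type from the parameters. */
    if (i >= len || line[i++] != ' ')
        return -1;

    /* The parameter length is checked before any copy takes place. */
    size_t n = len - i;
    if (n == 0 || n > FMTP_MAX_PARAMS)
        return -1;
    for (size_t k = 0; k < n; k++) {
        unsigned char c = (unsigned char)line[i + k];
        if (c < 0x20 || c > 0x7e)   /* reject control bytes, CR/LF, NUL, non-ASCII */
            return -1;
    }
    memcpy(out->params, line + i, n);
    out->params[n] = '\0';
    out->payload_type = pt;
    return 0;
}
```

Rejected lines leave `out` untouched, so a caller never sees a partially filled structure.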